netfilter buglog - Jan 2010 - [Bug 631] New: Unable to zero packet and byte count for policy.

http://bugzilla.netfilter.org/show_bug.cgi?id=631

           Summary: Unable to zero packet and byte count for policy.
           Product: iptables
           Version: 1.3.5
          Platform: i386
        OS/Version: RedHat Linux
            Status: NEW
          Severity: enhancement
          Priority: P1
         Component: iptables
        AssignedTo: netfilter-buglog at lists.netfilter.org
        ReportedBy: fedora at opensourcenuts.com


I am using RHEL 5.2 kernel 2.6.18-92.el5

iptables --list -v display the packet and bytes transferred. 

I am able to zero packet and bytes count for chains using command
iptables --zero

but i am able to zero policy count. Either this feature is missing or this is a
bug that --zero doesn't work for policy or there is an option which I am not
able to find.

But yes, the only alternate I can find to zero the packet and byte count for
policy is by changing the policy.

if any one has the clue, plz post clarification.


-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.netfilter.org/show_bug.cgi?id=631


fedora at opensourcenuts.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|enhancement                 |critical




-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.netfilter.org/show_bug.cgi?id=631


jengelh at medozas.de changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WORKSFORME




------- Comment #1 from jengelh at medozas.de  2010-02-03 22:29 -------
Seems to work for me. - iptables 1.4.6.

# iptables -nvL | grep OUTPUT; iptables -Z; iptables -nvL | grep OUTPUT;
Chain OUTPUT (policy ACCEPT 78 packets, 7627 bytes)
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)


-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.netfilter.org/show_bug.cgi?id=631


fedora at opensourcenuts.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fedora at opensourcenuts.com
             Status|RESOLVED                    |REOPENED
         Resolution|WORKSFORME                  |




------- Comment #2 from fedora at opensourcenuts.com  2010-02-04 06:54 -------
Thanks for your reply. But in my case below is the extract:

[root at ns1 ~]# iptables -nvL | grep OUTPUT
Chain OUTPUT (policy ACCEPT 4587 packets, 3164K bytes)
[root at ns1 ~]# iptables -Z
[root at ns1 ~]# iptables -nvL | grep OUTPUT
Chain OUTPUT (policy ACCEPT 4587 packets, 3164K bytes)
[root at ns1 ~]#

Do I need to update, or patch my kernel. 

Also, is there in feature to zero the packet and byte count of specific chain,
and specific policy separately, I mean to zero policy counter without zeroing
chain counter and vice versa.


-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.