Shorewall users - Aug 2005 - traffic accounting for local user web browsing

I read the accounting section of shorewall documentation.
"READ THE ABOVE CAREFULLY -- IT SAYS SERVER. If you want to account
for web browsing, you have to reverse the rules below.

        #ACTION         CHAIN   SOURCE  DESTINATION     PROTOCOL      
 DEST            SOURCE
        #                                                             
 PORT            PORT
        web             -       eth0    -               tcp             80
        web             -       -       eth0            tcp           
 -               80
        web             -       eth0    -               tcp             443
        web             -       -       eth0            tcp           
 -               443
        COUNT           web     eth0
        COUNT           web     -       eth0
"

I don''t quite understand what to reverse of the rules above for
accounting web browsing ?


-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing
& QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf

Adrian Mak wrote:
>
> I don''t quite understand what to reverse of the rules above for
> accounting web browsing ?
>
On a web server, requests to ports 80 and 443 come in and responses from
ports 80 and 443 go out. On a web client system, requests to ports 80
and 443 go out and responses from ports 80 and 443 come in.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

> 
> On a web server, requests to ports 80 and 443 come in and responses from
> ports 80 and 443 go out. On a web client system, requests to ports 80
> and 443 go out and responses from ports 80 and 443 come in.
> 
assume eth1 is connect to Internet and eth0 is connect to localnet of
the firewall (shorewall) machine. then whe accounting rules for web
browsing


web             -       eth0    eth1           tcp    80
web             -       eth1   eth0            tcp    -        80
COUNT         web      eth0 eth1
COUNT         web      eth1 eth0

am i right ?


-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing
& QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf