similar to: [Bug 45] New: Feature: only count packets that get matched in a chain

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=45 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX ------- Additional Comments From

Firstly I don''t think this is a shorewall problem, but I suspect shorewall might be able to solve it for me. I''ve posted this so far at http://mandrakeusers.org/index.php?showtopic=18942 I''ve stumble upon a problem that has me stumped I have a multipath router using 2.6.8.1 with patches from here http://www.ssi.bg/~ja/#routes basic setup: ___ ISP1

Hello all: I''ve got a confusing issue. I had a working shorewall configuration (based on the two interface model) using DNAT for redirection to my HTTP server. The HTTP server is on my inside network (I know - bad juju, but one thing at a time). I changed my configuration this morning to use views in my BIND (named) configuration. Everyone outside the firewall is able to get in

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=488 Summary: Chain/Groupings of networks don't total pkts and bytes correctly Product: iptables Version: 1.2.11 Platform: i386 OS/Version: RedHat Linux Status: NEW Severity: normal Priority: P2 Component: iptables

http://bugzilla.netfilter.org/show_bug.cgi?id=577 Summary: cannot set spi/reqid numbers higher than 0x7fffffff (policy match) Product: iptables Version: unspecified Platform: i386 OS/Version: All Status: NEW Severity: normal Priority: P1 Component: iptables AssignedTo: laforge

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=104 Summary: Bytes/packets counters sometimes give incorrect values Product: iptables userspace Version: 1.2.8 Platform: i386 OS/Version: RedHat Linux Status: NEW Severity: major Priority: P2 Component: iptables AssignedTo:

https://bugzilla.netfilter.org/show_bug.cgi?id=870 Summary: Iptables cannot block outbound packets sent by Nessus Product: iptables Version: 1.4.x Platform: x86_64 OS/Version: Ubuntu Status: NEW Severity: normal Priority: P5 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1390 Bug ID: 1390 Summary: iptables -m string not working with --algo bm and OUTPUT chain under 5.3.x Product: netfilter/iptables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: normal Priority: P5

Currently I have shorewal 2.2 installed om my debian 2.6.8 kernel. The firewall machine can access the internet via a ethernet modem fine. The firewall can ping the local network. The local network can ping the firewall server, see the samba files. Howeven teh local network cannot access the internet through the firewall Any suggestions? Rob van Overbruggen Settings and stats: Server: Eth1 :

Witam wszystkich After few days with yours help I''ve succeeded with setup of load-balancing. Now I have problem with next step. I want to mark some packets and than put them to the one of the routing tables to force them going via only one interface with only one ip. Easy?? Ofcourse, but not for me :(. I''m NOT using NAT. Chain OUTPUT (policy ACCEPT 71 packets, 24227

Hello, I have the following setup on linux 2.6.32... CentOS 6.x : ipsec tunnel eth0-10.255.3.254/25 - eth1-pub add1 <-> eth1-pub add2 - eth0-10.255.5.254/25 I am trying to SNAT remote private address 10.255.5.128/25 packets when they come out of the ipsec tunnel to make it appear like it was from local address 10.255.3.254. I am doing a source ping from the right side to a device on the

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=115 Summary: incorrect "state RELATED,ESTABLISHED" checking with two interfaces Product: netfilter/iptables Version: linux-2.4.x Platform: i386 OS/Version: other Status: NEW Severity: normal Priority: P2

Hi folks, I have a strange situation. When I add branches to the tree, everything goes to the default class. The error might be obvious, but I cannot find it. I would really appreciate your help. this works, nothing goes to "1:9999": ############################################################################# /sbin/iptables -F -t mangle /sbin/tc qdisc del dev eth1 root >

Hi, I''ve a gateway host (cali), connected to the Internet via ADSL and a PPTP tunnel (ppp0). I also have a IPIP tunnel to another host over the Internet (mytun), nothing fancy. This is working perfectly. But I want to give more priority to the IPIP packets coming OUT of the PPP (PPTP connection) interface. And I can''t get this to work. Class 2:21 is the one with high

Packets going to a 2.6 kernel IPSEC tunnel do not seem to pass the POSTROUTING chain. Is that correct? R. -- ___________________________________________________________________ It''s so simple to be wise. Just think of something stupid to say and say the opposite. +------------------------------------------------------------------+ | Richard Lucassen, Utrecht

Hi all, I''m trying to marking packets with iptables and use tc filter to catch this packets. I configure my device: tc qdisc del root dev eth0 tc qdisc add dev eth0 root handle 1: htb default 10 tc class add dev eth0 parent 1: classid 1:1 htb rate 3000kbit ceil 6000kbit burst 15k tc class add dev eth0 parent 1:1 classid 1:10 htb rate 2000kbit ceil 4000kbit burst 15k tc qdisc add dev eth0

Hi, [Summary] There seems to be a bug when using the "+" wildcard notation in the interfaces file, in that rules are not generated in the fwd chain to permit traffic going out an interface with a "+" in it. [Details] The interface entries: loc tun0 detect routeback,newnotsyn loc tun1 detect routeback,newnotsyn loc tun2

https://bugzilla.netfilter.org/show_bug.cgi?id=912 Summary: Iptables resets ALL the counters within a chain, not only the specified ones Product: iptables Version: 1.4.x Platform: x86_64 OS/Version: All Status: NEW Severity: major Priority: P5 Component: iptables AssignedTo:

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=543 Summary: ANY shows as 0 for proto on 1.3.7 Product: iptables Version: unspecified Platform: All OS/Version: other Status: NEW Severity: minor Priority: P2 Component: iptables AssignedTo: laforge@netfilter.org ReportedBy:

http://bugzilla.netfilter.org/show_bug.cgi?id=747 Summary: IPtables marked packets not being inpsected in NAT table. Product: iptables Version: CVS (please indicate timestamp) Platform: All OS/Version: All Status: NEW Severity: major Priority: P3 Component: iptables AssignedTo: