[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [hobbit] Graphing number of references to iptables chain

To: hobbit (at) hswn.dk
Subject: Re: [hobbit] Graphing number of references to iptables chain
From: Iain Conochie <iain (at) shihad.org>
Date: Wed, 05 Sep 2007 13:18:21 +0100
References: <46DE4085.5010400 (at) zandahar.net> <200709051313.27622.andreas.kunberger (at) ditf-denkendorf.de>
User-agent: Thunderbird 1.5.0.12 (X11/20070509)

Andreas Kunberger wrote:

Am Mittwoch, 5. September 2007 11:30 schrieb Iain Conochie:

<snip>

Here you go. This must bu run as root so either Set UID root (bad!) or
use sudo

for i in $CHAINS
    do sudo $IPTABLES -L -n -v -x| grep ^"Chain $i"| awk {'print $2 " "
$6 " : " $5'}| sed s/packets,/packets/g >> $BBTMP/packets.$$
done

Seems to me, its graphs only the packets the default policy of the chain isapplied to, i.e those who have not matche any ruly in the chain

mfg
Andreas Kunberger

True. Personally I use a default "reject" rule hence this will graphwhat the firewall rejects. Obviously this will not really take intoaccount what is allowed so maybe I was not too clear in my first statement.


Iain

References:
- Graphing number of references to iptables chain
  - From: Allan
- Re: [hobbit] Graphing number of references to iptables chain
  - From: Andreas Kunberger

Prev by Date: Re: [hobbit] Graphing number of references to iptables chain
Next by Date: Stupid sound question - "DNS Error"
Previous by thread: Re: [hobbit] Graphing number of references to iptables chain
Next by thread: Possible bug in trace with conn=
Index(es):
- Date
- Thread