| Main Archive Page > Month Archives > shorewall-users archives |
Re: [Shorewall-users] MARK accounting packet counts do not match mangle or tc
From: Tom Eastep <teastep_at_nospam>Date: Mon Jan 30 2012 - 20:04:53 GMT
To: Shorewall Users <shorewall-users@lists.sourceforge.net>
On Mon, 2012-01-30 at 13:45 -0600, David Koscinski wrote:
>
>
> Well that change did the trick for mark 3. But is exposed a flaw in
> my plans. Since /etc/accounting is only seeing MARK values prior to
> POSTROUTING, then my stats may not reflect the reality of what is
> going out eth0 since MARK could change.
I'm not following you.
>
> So you mentioned that accounting can be done in mangle. A quick
> google search revealed the ACCOUNTING_TABLE=mangle directive. Looks
> like I need a shorewall upgrade to take advantage of that.
That isn't going to work. When ACCOUNTING_TABLE=mangle, accounting
occurs before marking.
>
> Even though I think I've found the answers based on your comments,
> please do reply if you can. I'd like to be sure I am understanding
> this correctly.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users