Re: iptables: reading counters
On Sun, Jan 09, 2005 at 12:37:19PM +0100, Robert Tasarz wrote:
> On Sat, Jan 08, 2005 at 08:00:44PM -0800, Mike Mestnik wrote:
> >
> > --- Marcin Owsiany <porridge@debian.org> wrote:
> >
> > > On Fri, Jan 07, 2005 at 10:00:36PM -0800, Mike Mestnik wrote:
> > > > See '-n' in most any man page(including iptables). Then use DNS or
> > > > hosts/networks/services for your host/net/port name resolving.
> > >
> > > Again, this is not a problem of symbolic vs numerical address matching.
> > > See my other post..
> > >
>
> http://www.netfilter.org/patch-o-matic/pom-extra.html
>
> <quote>
> Add comment match for attaching comments to rules
> Author: Brad Fisher <brad@info-link.net>
> Status: Stable
>
> This option adds CONFIG_IP_NF_MATCH_COMMENT, which supplies a comment
> match module. This match allows you to add comments (up to 256 characters)
> to any rule.
>
> Supported options:
> --comment COMMENT
>
> Example:
> -A INPUT -s 192.168.0.0/16 -m comment --comment "A privatized IP block"
> </quote>
>
> Stable status looks promising and I suspect that this is what you are
> looking for. Anyway I'm not using it and don't know which kernel version
> it supports. So give us some feedback if you decide to test it :).
FYI: I have finally installed this recently, and this indeed is what I
was looking for. More feedback (and maybe some code) to come :)
Marcin
--
Marcin Owsiany <porridge@debian.org> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Reply to: