
Iptables not accounting for certain packets



Hi,

Thanks to all who replied to my previous ip accounting question.

I got iptables to account by using the following...

/usr/local/sbin/iptables -A FORWARD -s 0.0.0.0/0 -d 202.65.74.116 -o eth0

/usr/local/sbin/iptables -A FORWARD -s 202.65.74.116 -d 0.0.0.0/0 -i eth0

this works fine except that my accounting server is also a proxy server and internet traffic directed to the proxy server does not get forwarded and hence is not accounted for.

Having encountered this problem I thought easy, just account for INPUT and OUTPUT on that interface, I used...

/usr/local/sbin/iptables -A OUTPUT -s 0.0.0.0/0 -d 202.65.74.116 -o eth0
/usr/local/sbin/iptables -A INPUT -s 202.65.74.116 -d 0.0.0.0/0 -i eth0

now correct me if I'm wrong but this should give me accounting for all traffic going in eth0 from 202.65.74.116 and going out eth0 to 202.65.74.116?

What I found was that I got accounting for traffic that originated from the server (i.e. ping 202.65.74.116 from the proxy server) but when I ping 202.65.74.116 from another machine that is on a network on the other side of the server (server has two network cards with ip_forward) I get no accounting for that traffic.

What's going wrong here?
Should my OUTPUT rule not match all traffic going out eth0 to 202.65.74.116 even if it is coming in on eth1, getting routed through the box and going out eth0 to 202.65.74.116?

Any clarification would be much appreciated.


Regards,

Marcel
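The behaviour described in the post follows from how netfilter picks a chain: the routing decision sends each packet through exactly one of INPUT (addressed to the box), OUTPUT (generated by the box) or FORWARD (routed between interfaces), so an OUTPUT rule never sees traffic that merely transits the box. The model below is an added illustration, not code from the post or from the netfilter project; the box addresses (203.0.113.1 on eth0, 192.168.1.1 on eth1), the LAN client 192.168.1.50 and the packet sizes are constructed for the example, and only 202.65.74.116 comes from the post. It replays the same traffic against the post's INPUT/OUTPUT pair alone and against that pair combined with the original FORWARD pair.

```python
"""Toy model of netfilter chain traversal for the accounting question above.
Added example (not from the original post); everything except 202.65.74.116
is constructed for illustration."""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional

ACCOUNTED = "202.65.74.116"  # host the post's rules account for
# Assumed addresses of the accounting/proxy box: eth0 faces the Internet,
# eth1 faces the LAN.  The routing decision consults these to pick a chain.
LOCAL_ADDRS = {"203.0.113.1", "192.168.1.1"}


@dataclass
class Packet:
    src: str
    dst: str
    in_iface: Optional[str]   # None: generated by the box itself
    out_iface: Optional[str]  # None: delivered to the box itself
    length: int


def chain_for(pkt: Packet) -> str:
    """Each packet traverses exactly one filter chain: OUTPUT if the box
    generated it, INPUT if it is addressed to the box, FORWARD if it came in
    on one interface and is routed out another."""
    if pkt.in_iface is None:
        return "OUTPUT"
    if pkt.dst in LOCAL_ADDRS:
        return "INPUT"
    return "FORWARD"


@dataclass
class Rule:
    """A counting-only rule (no -j target), like the ones in the post."""
    name: str
    chain: str
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    in_iface: Optional[str] = None   # -i
    out_iface: Optional[str] = None  # -o

    def matches(self, pkt: Packet) -> bool:
        def in_net(addr: str, spec: str) -> bool:
            return ipaddress.ip_address(addr) in ipaddress.ip_network(spec, strict=False)
        return (in_net(pkt.src, self.src) and in_net(pkt.dst, self.dst)
                and (self.in_iface is None or self.in_iface == pkt.in_iface)
                and (self.out_iface is None or self.out_iface == pkt.out_iface))


def account(rules: List[Rule], packets: List[Packet]) -> Dict[str, int]:
    """Bytes counted per rule.  A rule only sees packets that traverse its
    own chain, which is why an OUTPUT rule misses routed traffic."""
    counted = {r.name: 0 for r in rules}
    for pkt in packets:
        chain = chain_for(pkt)
        for rule in rules:
            if rule.chain == chain and rule.matches(pkt):
                counted[rule.name] += pkt.length
    return counted


def total(counted: Dict[str, int]) -> int:
    return sum(counted.values())


# Constructed traffic (84-byte pings assumed): a ping from the box itself, a
# ping from a LAN host routed through the box, and one proxy fetch the box
# makes on a client's behalf.
SAMPLE = [
    Packet("203.0.113.1", ACCOUNTED, None, "eth0", 84),     # box -> host   (OUTPUT)
    Packet(ACCOUNTED, "203.0.113.1", "eth0", None, 84),     # host -> box   (INPUT)
    Packet("192.168.1.50", ACCOUNTED, "eth1", "eth0", 84),  # LAN -> host   (FORWARD)
    Packet(ACCOUNTED, "192.168.1.50", "eth0", "eth1", 84),  # host -> LAN   (FORWARD)
    Packet("203.0.113.1", ACCOUNTED, None, "eth0", 1500),   # proxy fetch   (OUTPUT)
]

# The post's second attempt: INPUT/OUTPUT only.
HOST_RULES = [
    Rule("out_to_host", "OUTPUT", dst=ACCOUNTED, out_iface="eth0"),
    Rule("in_from_host", "INPUT", src=ACCOUNTED, in_iface="eth0"),
]
# The FORWARD pair from the first attempt plus the INPUT/OUTPUT pair: every
# packet is then counted exactly once, whether routed or terminated locally.
FULL_RULES = HOST_RULES + [
    Rule("fwd_to_host", "FORWARD", dst=ACCOUNTED, out_iface="eth0"),
    Rule("fwd_from_host", "FORWARD", src=ACCOUNTED, in_iface="eth0"),
]

if __name__ == "__main__":
    wire = sum(p.length for p in SAMPLE)
    for label, rules in (("INPUT/OUTPUT only", HOST_RULES),
                         ("FORWARD + INPUT/OUTPUT", FULL_RULES)):
        counted = account(rules, SAMPLE)
        print(f"{label}: {counted} -> {total(counted)} of {wire} bytes")
```

With only the INPUT/OUTPUT pair the two routed ping packets are never counted; adding the FORWARD pair from the first attempt catches them, and there is no double counting because each packet traverses only one of the three chains. The model ignores NAT: if the box masqueraded the LAN, the source rewrite would happen in POSTROUTING after the FORWARD rule has already counted the packet.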


