[OpenWrt-Devel] byte counters for IP address using IPTABLES
Charlie Smurthwaite
charlie at atechmedia.com
Wed Feb 4 08:55:22 EST 2015
Is this router doing SNAT? If so, these packets are likely being mangled
by connection tracking before they get matched by the filter.
Charlie
On 04/02/15 13:48, INYO L wrote:
> hi,
>
> I have some trouble about the openwrt system, and the linux
> kernelver-3.10.49 , iptables version 1.4.21 (barrier_breaker r44257)
>
> iptables -I FORWARD -s 192.168.2.226 -j ACCEPT
> iptables -I FORWARD -d 192.168.2.226 -j ACCEPT
> iptables -nxv -L FORWARD
>
> When I sufing the Internet, the kernel can't get the bytes from
> source(0.0.0.0/0) to destination(192.168.2.226) .
> Why ?
>
> root at WirelessRouter:/tmp/logs# iptables -nxv -L FORWARD
> Chain FORWARD (policy DROP 0 packets, 0 bytes)
> pkts bytes target prot opt in out source
> destination
> 0 0 ACCEPT all -- * * 0.0.0.0/0
> 192.168.2.226
> 14 896 ACCEPT all -- * * 192.168.2.226
> 0.0.0.0/0
> 101 4724 delegate_forward all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> But, I used the kernel-ver-3.10.36 (barrier_breaker r40976), it works!
>
> Attachment is a few screenshot.
>
> thanks a lot.
>
>
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20150204/e8bc691c/attachment.htm>
-------------- next part --------------
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list