[Bug 808] New: Wrong packet and byte counters when using DROP/REJECT targets and UDP protocol match
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Tue Jan 29 19:15:34 CET 2013
http://bugzilla.netfilter.org/show_bug.cgi?id=808
Summary: Wrong packet and byte counters when using DROP/REJECT
targets and UDP protocol match
Product: iptables
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P5
Component: iptables
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: edigaryev at gmail.com
Estimated Hours: 0.0
Created attachment 390
--> http://bugzilla.netfilter.org/attachment.cgi?id=390
Successful attempt to reproduce (iptables 1.4.17)
Steps to reproduce:
0. Flush all your rules (optionally)
1. Add a new rule:
iptables -A OUTPUT -p udp -d 8.8.8.8 -j DROP
2. Send one UDP packet to 8.8.8.8:
echo -n 'test' | nc -u 8.8.8.8 5555
3. Look at the packet and byte counters:
iptables -nvL
I've also noticed that the "DROP rule" packet counter value is always 2 times
bigger than the "REJECT rule" packet counter.
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the netfilter-buglog
mailing list