iptables - What does the range in bracket mean?

linux firewall iptables redhat
15,525

Solution 1

It is packet and byte counters, try this:

iptables -nvL OUTPUT

PREROUTING

Address translation occurs before routing. Facilitates the transformation of the destination IP address to be compatible with the firewall's routing table. Used with NAT of the destination IP address, also known as destination NAT or DNAT.

Solution 2

They are the saved values of the byte and packet counters for the specified table's chain policy. In your case the nat table. Have a look here for more information on iptables-save.

Share:
15,525

Related videos on Youtube

Gnanam
Author by

Gnanam

Updated on September 17, 2022

Comments

  • Gnanam
    Gnanam over 1 year

    Possible Duplicate:
    Don’t understand [0:0] iptable syntax

    My server is Red Hat Enterprise Linux Server release 5.

    I'm not an expert in Linux iptables firewall. I've the following entries in iptables:

    [root@myserver ~]# more /etc/sysconfig/iptables
# Generated by iptables-save v1.3.5 on Mon Sep 14 20:04:30 2009
*nat
:PREROUTING ACCEPT [10934:1556118]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [111392:6686084]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 5050
-A POSTROUTING -j MASQUERADE
-A OUTPUT -d 192.168.0.200 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.200:5050
-A OUTPUT -d 127.0.0.1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:5050
COMMIT
# Completed on Mon Sep 14 20:04:30 2009

    What does the value range in the bracket mean? For example, here: PREROUTING ACCEPT [10934:1556118], what does the range 10934:1556118 mean?

  • Gnanam
    Gnanam almost 14 years
    Thanks for that information. On executing iptables -nvL OUTPUT, I'm getting pkts value as 7984K and bytes value as 2310M. But the values in /etc/sysconfig/iptables are showing the same values. Why this difference?
  • Prix
    Prix almost 14 years
    @Gnanam could you post the top line showing the packts information...
  • Gnanam
    Gnanam almost 14 years
    Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 7984K 2310M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  • Prix
    Prix almost 14 years
    try this for a simple test, iptables-save > /tmp/test.iptables then cat /tmp/test.iptables | grep "OUTPUT ACCEPT", those are just counters and you can even reset it with the option -Z if you want. iptables -Z; iptables -Z -t mangle; iptables -Z -t nat

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

iptables command to clear all existing rules
What prevents a machine from responding to pings?
TCP connect: No route to host
Forwarding all incoming traffic on eth0 to go to eth1
How to use iptables to allow traffic only through ONE SPECIFIC VPN
blocking port 80 via iptables
How to use FQDN in firewall rules for GNU/Linux?
Redirect http using iptables for an ip range
iptables blocking from internet side on eth1?
IPtables string match for some URLs