Paco Jones <(E-Mail Removed)> said:
>I'm working with IPtables on Redhat and am finding some information in
>the /etc/sysconfig/iptables file that I'm not sure about... On one
>system it'll show the following line:
>
>[80-4040] -A POSTROUTING....
Apparently [80:4040]?
>Another system shows:
>
>:FORWARD ACCEPT [0:0]
>
>Question >> What does the [***] signify? Are these port numbers? If
>so, does [0:0] signify EVERY port?
No, they're the amount of packets:bytes matched by the rule, or entered in
the rule chain.
>Then why does it show up first on one
>rule and last on another rule?
The first line you quoted is a single rule, the second is a line for
a rule chain. Of course, having the packet/byte count as the first
element in both cases might make more sense, but this seems to be the
way the code did evolve, and it's not broken enough to require fixing
(and thus breaking compatibility for tools that read the current syntax).
--
Wolf a.k.a. Juha Laiho Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)
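
Added example, not part of the original post: a small Python parser for the two line forms discussed above, chain lines with a trailing [packets:bytes] and rule lines with a leading [packets:bytes], as written by iptables-save -c. The sample ruleset is constructed (the rule bodies are not the poster's), and the function names are this example's own.

```python
import re

# Chain line: ":NAME POLICY [packets:bytes]"  (counters come last)
CHAIN_RE = re.compile(r"^:(\S+)\s+(\S+)\s+\[(\d+):(\d+)\]$")
# Rule line:  "[packets:bytes] -A CHAIN ..."  (counters come first)
RULE_RE = re.compile(r"^\[(\d+):(\d+)\]\s+(-A\s+(\S+).*)$")

# Constructed sample in iptables-save format; not taken from a real host.
SAMPLE = """\
*nat
:PREROUTING ACCEPT [12:720]
:POSTROUTING ACCEPT [0:0]
[80:4040] -A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [3:180]
:FORWARD ACCEPT [0:0]
[0:0] -A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
"""

def parse_counters(text):
    """Return (chains, rules) with packet/byte counters as integers."""
    chains, rules, table = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or line == "COMMIT":
            continue
        if line.startswith("*"):              # table header, e.g. "*filter"
            table = line[1:]
        elif (m := CHAIN_RE.match(line)):
            chains[(table, m.group(1))] = {"policy": m.group(2),
                "packets": int(m.group(3)), "bytes": int(m.group(4))}
        elif (m := RULE_RE.match(line)):
            rules.append({"table": table, "chain": m.group(4), "rule": m.group(3),
                "packets": int(m.group(1)), "bytes": int(m.group(2))})
        elif line.startswith("-A "):          # rule saved without counters
            rules.append({"table": table, "chain": line.split()[1], "rule": line,
                "packets": None, "bytes": None})
    return chains, rules

def unmatched_rules(rules):
    """Rules whose counter is exactly 0, i.e. no packet has hit them yet."""
    return [r["rule"] for r in rules if r["packets"] == 0]

if __name__ == "__main__":
    chains, rules = parse_counters(SAMPLE)
    print(chains[("filter", "FORWARD")], unmatched_rules(rules))
```

A [0:0] on a chain line means no packets have reached that chain's policy since the counters were last zeroed; it says nothing about ports.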