iptables - What does the range in bracket mean? [duplicate]
Possible Duplicate:
Don’t understand [0:0] iptable syntax
My server is Red Hat Enterprise Linux Server release 5.
I'm not an expert in Linux iptables firewall. I've the following entries in iptables:
[root@myserver ~]# more /etc/sysconfig/iptables
# Generated by iptables-save v1.3.5 on Mon Sep 14 20:04:30 2009
*nat
:PREROUTING ACCEPT [10934:1556118]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [111392:6686084]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 5050
-A POSTROUTING -j MASQUERADE
-A OUTPUT -d 192.168.0.200 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.200:5050
-A OUTPUT -d 127.0.0.1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:5050
COMMIT
# Completed on Mon Sep 14 20:04:30 2009
What does the value range in the bracket mean? For example, here: PREROUTING ACCEPT [10934:1556118]
, what does the range 10934:1556118 mean?
Solution 1:
It is packet and byte counters, try this:
iptables -nvL OUTPUT
PREROUTING
Address translation occurs before routing. Facilitates the transformation of the destination IP address to be compatible with the firewall's routing table. Used with NAT of the destination IP address, also known as destination NAT or DNAT.
Solution 2:
They are the saved values of the byte and packet counters for the specified table's chain policy. In your case the nat table. Have a look here for more information on iptables-save.