Iptables Packet (pkts) Count

arrmo · April 30, 2020, 12:41am

Hi,

Using the iptables information from the FAQ,
https://docs.graylog.org/en/3.2/pages/faq.html#how-can-i-start-an-input-on-a-port-below-1024

It works great, but … if I list my iptables status (below), it shows very few packets being forwarded (i.e. 22 total),

Chain PREROUTING (policy ACCEPT 7601 packets, 1404K bytes)
2       22  4027 REDIRECT   udp  --  any    any     anywhere             anywhere             udp dpt:syslog redir ports 1514

However, if I look at Graylog - just the last 15 minutes shows 599 packets (through this rule). Has anyone else seen this? It’s like the udp packets are not being counted correctly for some reason.

Thanks!

system · May 14, 2020, 12:41am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Port redirect 514->1514 - Possible port forward rule issue Graylog Central (peer support)	2	5795	July 23, 2021
Syslog input don't receive any packet Graylog Central (peer support)	2	489	March 27, 2019
Graylog port change not held at reboot Graylog Central (peer support)	3	691	September 1, 2021
Log Cisco Messages Graylog Central (peer support)	20	12371	December 13, 2019
Some messages not showing Graylog Central (peer support)	3	204	September 6, 2022

Iptables Packet (pkts) Count

Related topics