Mangle rules counters

Thu Nov 19, 2015 6:01 pm

When the traffic counter increase in a mangle rule, does it necessary mean that packets are filtered by that rule and they leave the chain ???

Or do they continue the chain if passthrough=yes is set ??

I have some accept rules on first positions , their counter have never increased (0) , does it mean that rules are unnecessary ??

Fri Nov 20, 2015 6:29 am

Counter rise means hit done. It is that the packet fulfilled the conditions of the rule. Nothing more.
Having no hit doesn't necessarily mean that the rule is not needed. May happen that one day such packet can arrive to the rule.

