Re: nat & ip accounting

All of lore.kernel.org
 help / color / mirror / Atom feed

From: alexb@atix.com.br
To: netfilter@lists.netfilter.org
Subject: Re: nat & ip accounting
Date: Wed, 26 Mar 2003 19:51:26 -0300 (BRT)	[thread overview]
Message-ID: <1048719086.3e822eeeb4d7e@www.spsul.com.br> (raw)
In-Reply-To: <200303262251.45912.kimj@dawn.dk>

If you havn't to many diferent ip/ip-ranges to monitor you can enter iptables
filter rules for that ips with no action, just to count the trafic, than use a
script and mrtg to show them. something like:

iptables -A FORWARD -s [MonitoredIP] -i [NIC_conecting_to_IP]
iptables -A FORWARD -d {MonitoredIP] -o [NIC_conecting_to_IP]

make a script to grab the bytecount and output them as mrtg expect
(IN,OUT,UPTIME,HOSTNAME). Change ^[1,2] to select your rules
in the chain where you grab the trafic.

iptables -nvxL FORWARD --line-numbers|egrep ^[1,2]|awk '{print $3}'


Cópia Kim Jensen <kimj@dawn.dk>:

> On Wednesday 26 March 2003 22:11, Rowan Reid wrote:
> > I have an answer but you also got me thinking.  A good tool to keep
> > track of traffic via ip addresses would be mrtg. However is there an
> > mrtg type tool that uses the counters in iptables rules to keep track
> of
> > traffic and output it in a user friendly form.
> 
> If you wish to see things in a more user friendly way (or usable way, as
> no 
> system is friendly :-) can be hard as you have to define what in what
> you 
> wish to see things!
> 
> mrtg is quite good, since you get the results on a webpage, but for
> tracking 
> ip specific things - I don't know, as I don't think the kernel remembers
> this 
> statistic. You can read per interface but not from each ip connecting to
> an 
> interface.
> 
> /Kim
> 
>

next prev parent reply	other threads:[~2003-03-26 22:51 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-03-26 19:32 nat & ip accounting Alexandru Coseru
2003-03-26 21:01 ` Kim Jensen
2003-03-26 21:11   ` Rowan Reid
2003-03-26 21:51     ` Kim Jensen
2003-03-26 22:51       ` alexb [this message]
2003-03-26 23:17       ` Bjorn Ruberg
2003-03-26 21:38   ` Bjorn Ruberg
2003-03-26 22:47     ` Kim Jensen
2003-03-26 23:37 ` Bjorn Ruberg
2003-03-26 23:50 ` Bjorn Ruberg
     [not found] <000f01c2f3e6$8afbca60$0200a8c0@lynx>
2003-03-26 23:04 ` Rowan Reid
2003-03-27 15:04   ` Kelly Setzer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1048719086.3e822eeeb4d7e@www.spsul.com.br \
    --to=alexb@atix.com.br \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.