From: Raymond Leach <raymondl@knowledgefactory.co.za>
To: Netfilter Mailing List <netfilter@lists.netfilter.org>
Subject: Re: How to account traffic in IPTABLES?
Date: 07 Apr 2003 18:34:06 +0200 [thread overview]
Message-ID: <1049733245.4867.13.camel@raylinux.internal> (raw)
In-Reply-To: <3E887685.9070000@videotron.ca>
[-- Attachment #1: Type: text/plain, Size: 2829 bytes --]
Hi
Create an accounting chain:
IPTABLES=/sbin/iptables
### accounting chain
$IPTABLES -N accounting
$IPTABLES -A accounting -i eth0 -d $IP_INT_MAIL -j RETURN
$IPTABLES -A accounting -o eth0 -s $IP_INT_MAIL -j RETURN
$IPTABLES -A accounting -i eth0 -d $IP_INT_WEB7 -j RETURN
$IPTABLES -A accounting -o eth0 -s $IP_INT_WEB7 -j RETURN
$IPTABLES -A accounting -i eth0 -d $IP_INT_WEB1 -j RETURN
$IPTABLES -A accounting -o eth0 -s $IP_INT_WEB1 -j RETURN
$IPTABLES -A accounting -i eth0 -d $IP_INT_WEB3 -j RETURN
$IPTABLES -A accounting -o eth0 -s $IP_INT_WEB3 -j RETURN
$IPTABLES -A accounting -i eth0 -d $IP_INT_WEB4 -j RETURN
$IPTABLES -A accounting -o eth0 -s $IP_INT_WEB4 -j RETURN
$IPTABLES -A accounting -i eth0 -d $IP_INT_ORA2 -j RETURN
$IPTABLES -A accounting -o eth0 -s $IP_INT_ORA2 -j RETURN
$IPTABLES -A accounting -i eth2 -s $NET_INT -d ! $NET_DMZ -j RETURN
$IPTABLES -A accounting -o eth2 -s ! $NET_DMZ -d $NET_INT -j RETURN
$IPTABLES -A INPUT -j accounting
$IPTABLES -A FORWARD -j accounting
$IPTABLES -A OUTPUT -j accounting
Then to see the traffic use:
/sbin/iptables -nvL accounting
On Mon, 2003-03-31 at 19:10, Stephane Ouellette wrote:
> Bobo wrote:
>
> > HI
> >
> > I use the iptables + squid as the gateway of one LAN,and it is very good in fact.
> >
> > Now,I would like to get the traffic accounting of each IP of the LAN.
> >
> > How to get these data ? Does IPtables contain these data?
> >
> >
>
> try this one:
>
> iptables -nvL INPUT
>
> > Are there some tools for traffic accounting of iptables?
> >
> >
>
> The iptables command itself !!!
>
> > I could use perl and shell programing.Could I analyze the log file of iptables to account?
> >
> >
>
> in Perl:
>
> open(CHAINS, "iptables -nvL INPUT|") or die "Error reading chains\n";
>
> while(<CHAINS>)
> {
> # read the lines one by one, matching on the text you want
> }
>
> close(CHAINS);
>
> > Thanks
> >
> >
> >
> >
> >
> >
> >
>
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
( Raymond Leach )
) Knowledge Factory (
( )
) Tel: +27 11 445 8100 (
( Fax: +27 11 445 8101 )
) (
( http://www.knowledgefactory.co.za/ )
) http://www.saptg.co.za/ (
( http://www.mapnet.co.za/ )
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
o o
o o
.--. .--.
| o_o| |o_o |
| \_:| |:_/ |
/ / \\ // \ \
( | |) (| | )
/`\_ _/'\ /'\_ _/`\
\___)=(___/ \___)=(___/
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
prev parent reply other threads:[~2003-04-07 16:34 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-03-30 13:47 How to account traffic in IPTABLES? Bobo
2003-03-30 13:47 ` Bobo
2003-03-30 21:02 ` Steven Schmidt
2003-03-31 17:10 ` Stephane Ouellette
2003-04-07 16:34 ` Raymond Leach [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1049733245.4867.13.camel@raylinux.internal \
--to=raymondl@knowledgefactory.co.za \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.