From mboxrd@z Thu Jan  1 00:00:00 1970
From: Stef Coene <stef.coene@docum.org>
Date: Wed, 27 Aug 2003 17:17:00 +0000
Subject: Re: [LARTC] Performanace fo the Iptables Server
Message-Id: <marc-lartc-106200473517224@msgid-missing>
List-Id: <lartc.vger.kernel.org>
References: <marc-lartc-106196327503921@msgid-missing>
In-Reply-To: <marc-lartc-106196327503921@msgid-missing>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

On Wednesday 27 August 2003 19:03, hare ram wrote:
> Hi Stef
>
> thanks for the reply
>
> yes i would like to do accounting the source IP
> so i need to log them all the traffic,
> so i will know each IP how much transfering DATA
>
> with my configuration, is there any performance issue
> i may have more than thousands of passing through this firewall or qos
> server
>
> so my PC will have any performance issue or,
> this configuration need any modification
You don't have to log each packet to do accounting.  If you create 1 iptables 
rule for each src address, you know how many packets and bytes that that src 
address transmitted.

iptables -A INPUT -s 192.168.1.0
iptables -A INPUT -s 192.168.1.1
iptables -A INPUT -s 192.168.1.2

iptables -L -v -n
Chain INPUT (policy DROP 47 packets, 5842 bytes)
 pkts bytes target     prot opt in     out     source   destination
    0     0            all  --  *      *       192.168.1.0          0.0.0.0/0
    0     0            all  --  *      *       192.168.1.1          0.0.0.0/0
    0     0            all  --  *      *       192.168.1.2          0.0.0.0/0

Stef

-- 

stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.oftc.net

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/