From mboxrd@z Thu Jan 1 00:00:00 1970 From: Rick Goh Siow Mong rickgoh@cyberway.com.sg Date: Fri, 12 Jan 2001 13:31:32 +0000 Subject: [LARTC] IMPT!!! - What software to use to gauge if Bandwidth control is working/successful ?? Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org 
I have tried IPCHAINS IP Accounting.

However, the amount of traffic as accounted for by IPCHAINS for the amount
of bandwidth going through the ports of my linux box, is not accurate at
all. In fact, the number is completely off!

Could u send me your ipchains scripts? thanks in advance.

*******************************************
Below is what i did, which give me the wrong figures. Am I missing something
here??

In rc.firewall, i added the following lines:

# To accept traf-stats for MRTG
/sbin/ipchains -N web
/sbin/ipchains -A web -j ACCEPT
/sbin/ipchains -N ftp
/sbin/ipchains -A ftp -j ACCEPT
/sbin/ipchains -N dns
/sbin/ipchains -A dns -j ACCEPT
/sbin/ipchains -N telnet
/sbin/ipchains -A telnet -j ACCEPT
/sbin/ipchains -A input -p tcp --dport www -j web
/sbin/ipchains -A output -p tcp --sport www -j web
/sbin/ipchains -A input -p udp --dport www -j web
/sbin/ipchains -A output -p udp --sport www -j web
/sbin/ipchains -A input -p tcp --dport ftp -j ftp
/sbin/ipchains -A output -p tcp --sport ftp -j ftp
/sbin/ipchains -A input -p tcp --dport domain -j dns
/sbin/ipchains -A output -p tcp --sport domain -j dns
/sbin/ipchains -A input -p udp --dport domain -j dns
/sbin/ipchains -A output -p udp --sport domain -j dns
/sbin/ipchains -A input -p tcp --dport telnet -j telnet
/sbin/ipchains -A output -p tcp --sport telnet -j telnet


traffic.sh  -->  the script to be run under MRTG.

#!/bin/sh
#Courtesy of xidus.net.
statname=$1
uptime=unused
stat=`cat /proc/net/ip_fwchains | grep $statname | tail -1 | awk '{print
$10}'`
echo $stat
echo $stat
echo $statname
echo $uptime