* Using iptables for bandwidth mesurement
@ 2003-01-05 12:42 Marco_Simon
0 siblings, 0 replies; 3+ messages in thread
From: Marco_Simon @ 2003-01-05 12:42 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/html, Size: 1075 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Using iptables for bandwidth mesurement
@ 2003-01-06 10:43 Marco Simon
2003-01-08 9:03 ` Joel Newkirk
0 siblings, 1 reply; 3+ messages in thread
From: Marco Simon @ 2003-01-06 10:43 UTC (permalink / raw)
To: netfilter
Hello netfilter-group,
we are using iptables on our gateway-server for doing NAT and
package-filtering.
Actually one of our hosting-customers wants to be informed how much off
of our bandwidth to the internet (1.5 MBit maximum) is used, in order to avoid
that some of his "homepage - guests" are not able visite his site due lack of
bandwidth. Is there any way, how I can use IPtables for giving him a report
about the bandwith usage ? e.g. how can I get the current bandwidth - usage
on a special interface ?
The other point we need, is an report about the traffic which comes up between
our cusomers web-server (which is inside our lan, packages will have to pass the firewall) and the outside-world. How can I set up such a service using iptalbes ??
Thanks for any comment !
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Using iptables for bandwidth mesurement
2003-01-06 10:43 Using iptables for bandwidth mesurement Marco Simon
@ 2003-01-08 9:03 ` Joel Newkirk
0 siblings, 0 replies; 3+ messages in thread
From: Joel Newkirk @ 2003-01-08 9:03 UTC (permalink / raw)
To: marco_simon, netfilter
On Monday 06 January 2003 05:43 am, Marco Simon wrote:
> Hello netfilter-group,
>
> we are using iptables on our gateway-server for doing NAT and
> package-filtering.
>
> Actually one of our hosting-customers wants to be informed how much
> off of our bandwidth to the internet (1.5 MBit maximum) is used, in
> order to avoid that some of his "homepage - guests" are not able
> visite his site due lack of bandwidth. Is there any way, how I can use
> IPtables for giving him a report about the bandwith usage ? e.g. how
> can I get the current bandwidth - usage on a special interface ?
>
> The other point we need, is an report about the traffic which comes up
> between our cusomers web-server (which is inside our lan, packages
> will have to pass the firewall) and the outside-world. How can I set
> up such a service using iptalbes ??
>
> Thanks for any comment !
Look into software packages that are addressed through the ULOG target to
perform detailed accounting of traffic. There are several available,
IIRC, which can sift, sort, and map the data collected on all the
traffic through the firewall, so long as you set an appropriate "-j
ULOG" rule.
A quick and dirty answer to part two is to use "iptables -L -v -n" and a
rule at the start of your FORWARD chain which does nothing but match ALL
traffic outbound from that customer's server, but has no target. The
rule will then count packets and bytes but not actually DO anything.
This is NOT a good solution, but you can use it for rough numbers over a
short period. (if the firewall is reset, or the counts reset, then
everything is lost) Just zero the counts, (iptables -Z, or iptables -Z
FORWARD) and after a period of time list the rules with "-v" and check
the packet and byte counts. If you want to try this without zeroing all
counts, just remove and reinsert the rule.
j
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-01-08 9:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-01-06 10:43 Using iptables for bandwidth mesurement Marco Simon
2003-01-08 9:03 ` Joel Newkirk
-- strict thread matches above, loose matches on Subject: below --
2003-01-05 12:42 Marco_Simon
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox