> Thanks Stef. > But I've tried to see your examples and all graphs are broken. There are > no images at all. Can you fix that??? http://home.docum.org/qos/snmp.html or do you mean an other page ? (http://home.docum.org/stef.coene/qos/gui/rrd.html is an old page that has indeed broken images). > If you could send me an example attached (don't sendo to the list cause > someone may be angry with that) I'll be very happy... :-) Most of my scripts are downloadable. > > If you need more help, you can contact me. For the rrdtool, I recommend > > using an existing script and adapt it to your needs so you don't have to > > bother about the needed options. > > I have, at least for the moment, one question about iptables: > > Does I need to create another chain to sse the bytes like: > > iptables -N mychain > iptables -I INPUT -j mychain > iptables -I OUTPUT -j mychain > iptables -I FORWARD -j mychain > iptables -A mychain -p tcp --dport 22 -j ACCEPT > > Does I need to do that??? No. Each rule has a byte counter. But if you redirect all traffic you want to count to the same self-created chain, you can use the byte counter of that chain so you don't have to calculate the sum of the separated chains. > And, if I need, there's some security implication in doing that, I mean, > this way how other rules I need to block SSH for not welcomming IP's??? Put the counter rules at the end of the firewall script. And if you create new chain, you can use -j new_chain. So you don't accept/deny the packets but still have the counters. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net
