Thossapron Apinyapanha wrote:
> I searched a lot of forums for how to get bandwidth statistics, such as the number of packets and total bytes in each application protocol, by using IPTABLES + netfilter-layer7,
> but I don't know which script to use for getting them into a log file and using the data afterwards for plotting a graph later.
> My IPTABLES commands are like this:
> iptables -t mangle -N all
> iptables -t mangle -A POSTROUTING -j all
> iptables -t mangle -A POSTROUTING -p udp --sport 4444 -j CLASSIFY --set-class 1:11
> iptables -t mangle -A POSTROUTING -m layer7 --l7proto mms -j CLASSIFY --set-class 1:12
> iptables -t mangle -A POSTROUTING -m layer7 --l7proto telnet -j CLASSIFY --set-class 1:13
> iptables -t mangle -A POSTROUTING -m layer7 --l7proto ftp ftp-data -j CLASSIFY --set-class 1:14
> iptables -t mangle -A POSTROUTING -m layer7 --l7proto http -j CLASSIFY --set-class 1:15
> Please advise me about a Perl script.

Don't know about scripts as such - iptables -L -v -n will give stats.
I think the above will need connmark as well to work properly. I haven't
tried l7 but suspect the above rules will only classify the first
packets of each connection.
Andy.
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
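
As an added example that is not part of the original thread, here is one way to turn the per-rule counters from the rule listing into per-class numbers that can be logged and plotted. It is written in Python rather than Perl; the function names, the sample counter values and the assumed listing layout (`pkts bytes target prot opt in out source destination`, then the match text and `CLASSIFY set <class>`) are assumptions of this example.

```python
import re
import subprocess

# Constructed sample of `iptables -t mangle -L POSTROUTING -v -n -x` output
# (counter values invented; -x prints exact counts instead of K/M suffixes).
SAMPLE = """\
Chain POSTROUTING (policy ACCEPT 9000 packets, 4500000 bytes)
    pkts      bytes target     prot opt in     out     source               destination
    9000  4500000 all        all  --  *      *       0.0.0.0/0            0.0.0.0/0
     120    15360 CLASSIFY   udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:4444 CLASSIFY set 1:11
      40    52000 CLASSIFY   all  --  *      *       0.0.0.0/0            0.0.0.0/0            LAYER7 l7proto ftp CLASSIFY set 1:14
     300   410000 CLASSIFY   all  --  *      *       0.0.0.0/0            0.0.0.0/0            LAYER7 l7proto http CLASSIFY set 1:15
"""

CLASS_RE = re.compile(r"^(?P<match>.*?)\s*CLASSIFY set (?P<cls>\S+)")

def read_live(table="mangle", chain="POSTROUTING"):
    """Fetch live counters (needs root); not called by the sample run."""
    cmd = ["iptables", "-t", table, "-L", chain, "-v", "-n", "-x"]
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout

def parse_counters(text):
    """Map class id -> [label, packets, bytes], summing rules that share a class."""
    stats = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) < 10 or not (f[0].isdigit() and f[1].isdigit()):
            continue  # chain header, column header, or a rule with no match text
        m = CLASS_RE.match(" ".join(f[9:]))  # text after the destination column
        if not m:
            continue  # rule whose target is not CLASSIFY
        row = stats.setdefault(m["cls"], [m["match"], 0, 0])
        row[1] += int(f[0])
        row[2] += int(f[1])
    return stats

def delta(prev, cur):
    """Per-interval traffic between two samples; counters are cumulative."""
    out = {}
    for cls, (label, pkts, byts) in cur.items():
        _, p0, b0 = prev.get(cls, (label, 0, 0))
        if pkts < p0 or byts < b0:  # counters were zeroed (iptables -Z, reboot)
            p0 = b0 = 0
        out[cls] = (label, pkts - p0, byts - b0)
    return out

if __name__ == "__main__":
    for cls, (label, pkts, byts) in sorted(parse_counters(SAMPLE).items()):
        print(f"{cls},{label},{pkts},{byts}")  # CSV line ready for plotting
```

Sampling `read_live()` at a fixed interval and logging `delta()` of consecutive samples gives a per-class rate series. The numbers cover only the packets each rule actually matched, so the caveat raised in the reply about later packets of a connection carries over to them.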