Hi Stef How about Source and Desitination port, and protocol wise bytes transfer ( like http, ftp, icmp, udp), if i want to track. next limitation, if the Server goes down, the traffic will be zero, that will be another Limitation If i send the all the traffic to Mysql, so i can get the old data to. may be you can correct me if, i may be wrong thinking correct me with the best methods to do hare ----- Original Message ----- From: "Stef Coene" <stef.coene@xxxxxxxxx> To: "hare ram" <hareram@xxxxxxxxxx>; <netfilter@xxxxxxxxxxxxxxx> Cc: <lartc@xxxxxxxxxxxxxxx> Sent: Wednesday, August 27, 2003 10:47 PM Subject: Re: [LARTC] Performanace fo the Iptables Server > On Wednesday 27 August 2003 19:03, hare ram wrote: > > Hi Stef > > > > thanks for the reply > > > > yes i would like to do accounting the source IP > > so i need to log them all the traffic, > > so i will know each IP how much transfering DATA > > > > with my configuration, is there any performance issue > > i may have more than thousands of passing through this firewall or qos > > server > > > > so my PC will have any performance issue or, > > this configuration need any modification > You don't have to log each packet to do accounting. If you create 1 iptables > rule for each src address, you know how many packets and bytes that that src > address transmitted. > > iptables -A INPUT -s 192.168.1.0 > iptables -A INPUT -s 192.168.1.1 > iptables -A INPUT -s 192.168.1.2 > > iptables -L -v -n > Chain INPUT (policy DROP 47 packets, 5842 bytes) > pkts bytes target prot opt in out source destination > 0 0 all -- * * 192.168.1.0 0.0.0.0/0 > 0 0 all -- * * 192.168.1.1 0.0.0.0/0 > 0 0 all -- * * 192.168.1.2 0.0.0.0/0 > > Stef > > -- > > stef.coene@xxxxxxxxx > "Using Linux as bandwidth manager" > http://www.docum.org/ > #lartc @ irc.oftc.net > >
