Hi Stef regarding the same topic if i use iptables -A INPUT -s 192.168.2.1 iam able to capture packets going fro 192.168.2.1 to any address how about any address coming to 192.168.2.1 this will be added in to same rule or i need to add another Rule iptables -A INPUT -d 192.168.2.1 hare ----- Original Message ----- From: "Stef Coene" <stef.coene@xxxxxxxxx> To: "hare ram" <hareram@xxxxxxxxxx>; <netfilter@xxxxxxxxxxxxxxx> Cc: <lartc@xxxxxxxxxxxxxxx> Sent: Wednesday, August 27, 2003 10:47 PM Subject: Re: [LARTC] Performanace fo the Iptables Server > On Wednesday 27 August 2003 19:03, hare ram wrote: > > Hi Stef > > > > thanks for the reply > > > > yes i would like to do accounting the source IP > > so i need to log them all the traffic, > > so i will know each IP how much transfering DATA > > > > with my configuration, is there any performance issue > > i may have more than thousands of passing through this firewall or qos > > server > > > > so my PC will have any performance issue or, > > this configuration need any modification > You don't have to log each packet to do accounting. If you create 1 iptables > rule for each src address, you know how many packets and bytes that that src > address transmitted. > > iptables -A INPUT -s 192.168.1.0 > iptables -A INPUT -s 192.168.1.1 > iptables -A INPUT -s 192.168.1.2 > > iptables -L -v -n > Chain INPUT (policy DROP 47 packets, 5842 bytes) > pkts bytes target prot opt in out source destination > 0 0 all -- * * 192.168.1.0 0.0.0.0/0 > 0 0 all -- * * 192.168.1.1 0.0.0.0/0 > 0 0 all -- * * 192.168.1.2 0.0.0.0/0 > > Stef > > -- > > stef.coene@xxxxxxxxx > "Using Linux as bandwidth manager" > http://www.docum.org/ > #lartc @ irc.oftc.net > > >
