Re: [LARTC] Performanace fo the Iptables Server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Stef

regarding the same topic
if i use

iptables -A INPUT -s 192.168.2.1

iam able to capture packets going fro 192.168.2.1 to any address

how about any address coming to 192.168.2.1
this will be added in to same  rule

or i need to add another Rule

iptables -A INPUT -d 192.168.2.1

hare
----- Original Message -----
From: "Stef Coene" <stef.coene@xxxxxxxxx>
To: "hare ram" <hareram@xxxxxxxxxx>; <netfilter@xxxxxxxxxxxxxxx>
Cc: <lartc@xxxxxxxxxxxxxxx>
Sent: Wednesday, August 27, 2003 10:47 PM
Subject: Re: [LARTC] Performanace fo the Iptables Server


> On Wednesday 27 August 2003 19:03, hare ram wrote:
> > Hi Stef
> >
> > thanks for the reply
> >
> > yes i would like to do accounting the source IP
> > so i need to log them all the traffic,
> > so i will know each IP how much transfering DATA
> >
> > with my configuration, is there any performance issue
> > i may have more than thousands of passing through this firewall or qos
> > server
> >
> > so my PC will have any performance issue or,
> > this configuration need any modification
> You don't have to log each packet to do accounting.  If you create 1
iptables
> rule for each src address, you know how many packets and bytes that that
src
> address transmitted.
>
> iptables -A INPUT -s 192.168.1.0
> iptables -A INPUT -s 192.168.1.1
> iptables -A INPUT -s 192.168.1.2
>
> iptables -L -v -n
> Chain INPUT (policy DROP 47 packets, 5842 bytes)
>  pkts bytes target     prot opt in     out     source   destination
>     0     0            all  --  *      *       192.168.1.0
0.0.0.0/0
>     0     0            all  --  *      *       192.168.1.1
0.0.0.0/0
>     0     0            all  --  *      *       192.168.1.2
0.0.0.0/0
>
> Stef
>
> --
>
> stef.coene@xxxxxxxxx
>  "Using Linux as bandwidth manager"
>      http://www.docum.org/
>      #lartc @ irc.oftc.net
>
>
>



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux