Re: Packets Counting

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




I do not have time this instant to share the code but the outline of a packet counter I use is to create chain MANGLE_ACTIVITY in -t mangle, add a rule that simply RETURNs to MANGLE_ACTIVITY, Insert a jump to the MANGLE_ACTIVITY chain in -t mangle PREROUTING (so it is the first chain hit by all incoming packets), use whatever matches, like --sport or --dport (remember to specify protocol with port matches) and/or an interface match. Then, in a script (mine happens to be Perl), run "iptables -t mangle -nvL MANGLE_ACTIVITY" and pipe (|) it through grep to get the RETURN line with the packet count and pipe it through awk to pick off the packet count followed by "iptables -t mangle -Z MANGLE_ACTIVITY" to zero the counter, both in a loop with a sleep to get the interval (approximately).

Hope this helps.

Bill

(Without deadlines, we'd live forever.)



M. A. Imam wrote:
Can i record the the number of packets each 2 seconds with tcpdump. i can see packets with tcpdump but how to count it every 2 seconds


===== Original Message From edvin.seferovic@xxxxxxx =====
Maybe you should use tcpdump for testing purposes instead of using iptables.

Just my opinion.

Regards,

Edvin

-----Original Message-----
From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx
[mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of M. A. Imam
Sent: Mittwoch, 16. März 2005 16:56
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Packets Counting

Hi,

How can i count the number of packets on an interface evry 2 or 5 seconds.
and
i want to count only specific packets like only arriving packets from port
5001

Any ideas...

Muhammad





-- William Chappell, Software Engineer, Critical Technologies Inc. * Creativity * Diversity * Expertise * Flexibility * Integrity * Suite 400 Technology Center, 4th Floor 1001 Broad St, Utica NY 13501 315-793-0248 x148 FAX -9710 <bill.chappell@xxxxxxxxxxxx> www.critical.com




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux