Re: (Ab)using iptables to record byte count per IP?


 



Thomas Jacob wrote:
On Fri, 2009-01-09 at 13:50 +0200, Artūras Šlajus wrote:
Richard Hartmann wrote:
 > Hi all,
 >
 > I need to log the traffic each local IP in a NAT'ed network generates
 > per day.
 >
 > Unfortunately, the environment is rather restricted and compiling new
 > software is not an option. Thus, I am wondering if I can abuse iptables,
 > which is in use anyway, to log for me, as well.
 >
 > The end result should be a log which contains IP, date and traffic
 > generated. I don't really care about the output format as I will perl it
 > into the format I need, anyway.

iptables -N ACCOUNTING
iptables -A FORWARD -j ACCOUNTING
iptables -A ACCOUNTING -s your_user_ip -j ACCEPT
iptables -A ACCOUNTING -d your_user_ip -j ACCEPT

bam, with iptables -L ACCOUNTING -n -v you can have packet/byte counters ;)

Or you could use the external extension ipt_ACCOUNT

http://www.intra2net.com/de/produkte/opensource/ipt_account/
which does the same much faster and you don't have to
specify lots of accounting rules. Unfortunately you need
to patch your kernel for that, if you want to use it
as is.

What's needed and is anyone working towards getting that integrated properly?

AYJ
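
Added example, not part of the original messages: a shell function that turns the ACCOUNTING chain counters discussed above into the "IP, date, traffic" log the original question asks for. It assumes the listing is taken with `-x` (exact byte counts) and that each rule matches a single address, as in the rules above; the function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: parse `iptables -L ACCOUNTING -n -v -x` into
#   DATE IP BYTES_SENT BYTES_RECEIVED   (one line per local IP)
# Live use (reads the counters and zeroes them in one call):
#   iptables -L ACCOUNTING -n -v -x -Z | acct_parse "$(date +%Y-%m-%d)" >> traffic.log

# Constructed sample listing; addresses and counters are made up.
sample_listing() {
cat <<'EOF'
Chain ACCOUNTING (1 references)
    pkts      bytes target     prot opt in     out     source               destination
     120      98432 ACCEPT     all  --  *      *       192.168.1.10         0.0.0.0/0
  410233 5368709120 ACCEPT     all  --  *      *       0.0.0.0/0            192.168.1.10
       0          0 ACCEPT     all  --  *      *       192.168.1.11         0.0.0.0/0
      15       1800 ACCEPT     all  --  *      *       0.0.0.0/0            192.168.1.11
EOF
}

# acct_parse DATE   (listing on stdin)
acct_parse() {
    awk -v day="$1" '
        # Rule rows start with two numeric counters; this skips the chain
        # and column header lines (and rows printed without -x, e.g. "98K").
        $1 !~ /^[0-9]+$/ || $2 !~ /^[0-9]+$/ { next }
        {
            # Source and destination are the last two columns when the rule
            # has no extra match options, with or without a target column.
            src = $(NF-1); dst = $NF
            if (src != "0.0.0.0/0")      { tx[src] += $2; seen[src] = 1 }
            else if (dst != "0.0.0.0/0") { rx[dst] += $2; seen[dst] = 1 }
        }
        END {
            # %.0f rather than %d: some awk builds clamp %d to 32 bits,
            # and a daily byte counter easily exceeds that.
            for (ip in seen)
                printf "%s %s %.0f %.0f\n", day, ip, tx[ip], rx[ip]
        }' | LC_ALL=C sort -k2,2
}

sample_listing | acct_parse 2009-01-09
```

Because the parser reads the addresses from the last two columns, it also works for rules written without `-j ACCEPT`: as posted, ACCEPT ends FORWARD traversal for every matched packet, whereas a rule with no target only updates its counters and lets the packet continue through the remaining rules.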
