Re: explanation of the syslog LEN and WINDOW entries

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



So for TCP do I add all the LEN fields only?

If I have a thousand log entries and all the LEN fields are 60 did I
use 60,000 bit's?

Or is it Bytes?

In UDP do I add both LEN fields?



On Wed, Oct 28, 2009 at 9:11 AM, Richard Horton
<richard.horton@xxxxxxxxxxxxxx> wrote:
>
>
> 2009/10/28 Jeff Jensen <jjensen@xxxxxxxxxxx>
>>
>> Thanks Richard, So there is no parameter (or combination of
>> parameters) in the syslog entry stating actual packet size?
>>
>> Hmmmm????
>>
>> The boss wants to know how much bandwidth is used by the different
>> app's we allow. I have some unique app's that run on unique port(s)
>> and rules that log all packets. I set the --log-prefix= to something
>> unique to that app and every day sort it out into individual files. I
>> was hoping to aggregate all the entries to a total bandwidth out and
>> it.
>
>
> For estimating individual application usage they'll be fine, was thinking
> more along not using the len fields for estimating total consumed bandwidth
> (as IP tables only deals with ip traffic and so will miss other forms of
> traffic, ipx, appletalk, arp etc)
>
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux