Hello Which kernel are you using ? Conntrack usage in ulogd2 (pablo's proposal) only requires a kernel > 2.6.14. BR Usuário do Sistema <maiconlp@xxxxxxxxx> a écrit : >Thanks everyone, but I'm using iptables 1.3.5 which there isn't some >library and for some issue I can't install iptables 1.4.x currently. > >anyone suggest an other way ? > > >thanks > > > > > > >2011/11/4 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>: >> On Thu, Nov 03, 2011 at 08:26:24PM +0100, Jan Engelhardt wrote: >>> On Thursday 2011-11-03 17:41, Usuário do Sistema wrote: >>> >>> >Hello everyone, I'm using an RHE 5.5 machine for firewall and I would >>> >like know how many connections are been handled for my firewall >>> >iptables in an time of day as well as how many connections per second. >>> >>> `conntrack -L` will show you how many active CTs there. The number of >>> ct/sec can be calculated by monitoring `conntrack -Ee NEW` over a time >>> quantum chosen by you. >> >> I think using ulogd2 with the flow accounting and making some custom >> scripts to process the logs would make the trick. >> >> The conntrack utility is designed to know what is going on right now >> in the firewall. For accumulated stats, ulogd2 can make it better. >> >> P.S: Jan, there's some people waiting for comments on your >> xtables-addons stuff in netfilter-devel, in case that you didn't >> notice. >> >-- >To unsubscribe from this list: send the line "unsubscribe netfilter" in >the body of a message to majordomo@xxxxxxxxxxxxxxx >More majordomo info at http://vger.kernel.org/majordomo-info.html ��.n��������+%������w��{.n����z���)��jg��������ݢj����G�������j:+v���w�m������w�������h�����٥