Re: Numeber of connections

Eric Leblond <eric@xxxxxxxxx> · Fri, 04 Nov 2011 20:47:23 +0100

Hello

Which kernel are you using ? Conntrack usage in ulogd2 (pablo's proposal) only requires a kernel > 2.6.14.

BR

Usuário do Sistema <maiconlp@xxxxxxxxx> a écrit :

>Thanks everyone, but I'm using iptables 1.3.5 which there isn't some
>library and for some issue I can't install iptables 1.4.x currently.
>
>anyone suggest an other way ?
>
>
>thanks
>
>
>
>
>
>
>2011/11/4 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>:
>> On Thu, Nov 03, 2011 at 08:26:24PM +0100, Jan Engelhardt wrote:
>>> On Thursday 2011-11-03 17:41, Usuário do Sistema wrote:
>>>
>>> >Hello everyone, I'm using an RHE 5.5 machine for firewall and I would
>>> >like know how many connections are been handled for my firewall
>>> >iptables in an time of day as well as how many connections per second.
>>>
>>> `conntrack -L` will show you how many active CTs there. The number of
>>> ct/sec can be calculated by monitoring `conntrack -Ee NEW` over a time
>>> quantum chosen by you.
>>
>> I think using ulogd2 with the flow accounting and making some custom
>> scripts to process the logs would make the trick.
>>
>> The conntrack utility is designed to know what is going on right now
>> in the firewall. For accumulated stats, ulogd2 can make it better.
>>
>> P.S: Jan, there's some people waiting for comments on your
>> xtables-addons stuff in netfilter-devel, in case that you didn't
>> notice.
>>
>--
>To unsubscribe from this list: send the line "unsubscribe netfilter" in
>the body of a message to majordomo@xxxxxxxxxxxxxxx
>More majordomo info at  http://vger.kernel.org/majordomo-info.html
��.n��������+%������w��{.n����z��׫�)��jg��������ݢj����G�������j:+v���w�m������w�������h�����٥