On 18/07/12 22:11, Jozsef Kadlecsik wrote:
On Wed, 18 Jul 2012, Arturo Borrero wrote:I don't know how to collect: ? Data about ipset memory usage (kernel pages, bytes or whatever)"ipset list -terse" lists just the headers of the sets, including the amount of allocated bytes for every set. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary
Hi there, Now I have this output: root@rasca:~# ./nfstats # nfstats: some data about netfilter usage. # jue jul 19 13:19:20 CEST 2012 ########################################### Number of iptables rules: 25550 Number of ip6tables rules: 415 Total number of rules: 25965 Rules memory usage: 40 MB Average memory usage per rule: 1637 Bytes Number of created ipsets: 34 Ipset memory usage: 249 KB Netfilter modules memory usage: 333 KB Conntrack max connections to track: 64620 Number of tracked connections: 19 Conntrack memory usage: 152 KB Total netfilter memory usage: 41 MB System physical memory porcentage [%]: 4.08656What would be nice to add to get a more complete report? Any other advice or hint?
I will finish the script and then mail the list again for sharing the code. Best regards. -- Arturo Borrero González Departamento de Seguridad Informática Centro Informático Científico de Andalucía (CICA) Avda. Reina Mercedes s/n - 41012 - Sevilla (Spain) Tfno.: +34 955 056 600 / FAX: +34 955 056 650 Consejería de Economía, Innovación, Ciencia y Empleo Junta de Andalucía
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
