Hello, Le dimanche 22 juillet 2012 à 20:22 -0700, Yucong Sun (叶雨飞) a écrit : > Hi, > > I need a way to account traffic (bytes) for ~500 ips (fixed), and it > seems creating a plain 500 rules will affect the performance a lot. > Without implement layered rule (like a binary search?) , is there > something existing to do automatic hashing? > Things like hashlimit is great, but I don't need limit matching > function, just a way to create a hashtable and count bytes and > packets. > > If there's none, I suppose it would easy enough to fork some hashlimit > code to do this. You can have a look at how ulogd2 and nfacct can be used for accounting: https://home.regit.org/2012/07/flow-accounting-with-netfilter-and-ulogd2/ BR, -- Eric Leblond Blog: http://home.regit.org/ - Portfolio: http://regit.500px.com/
Attachment:
signature.asc
Description: This is a digitally signed message part
