
List:       netfilter
Subject:    Re: (Ab)using iptables to record byte count per IP?
From:       Thomas Jacob <jacob () internet24 ! de>
Date:       2009-01-09 11:55:26
Message-ID: 1231502126.24038.15.camel () enterprise ! ims-firmen ! de

On Fri, 2009-01-09 at 13:50 +0200, Artūras Šlajus wrote:
> Richard Hartmann wrote:
>  > Hi all,
>  >
>  > I need to log the traffic each local IP in a NAT'ed network generates
>  > per day.
>  >
>  > Unfortunately, the environment is rather restricted and compiling new
>  > software is not an option. Thus, I am wondering if I can abuse iptables,
>  > which is in use anyway, to log for me, as well.
>  >
>  > The end result should be a log which contains IP, date and traffic
>  > generated. I don't really care about the output format as I will perl it
>  > into the format I need, anyway.
> 
> iptables -N ACCOUNTING
> iptables -A FORWARD -j ACCOUNTING
> iptables -A ACCOUNTING -s your_user_ip -j ACCEPT
> iptables -A ACCOUNTING -d your_user_ip -j ACCEPT
> 
> bam, with iptables -L ACCOUNTING -n -v you can have packet/byte counters ;)

Or you could use the external extension ipt_ACCOUNT

http://www.intra2net.com/de/produkte/opensource/ipt_account/ 

which does the same much faster and you don't have to
specify lots of accounting rules. Unfortunately you need
to patch your kernel for that, if you want to use it
as is.
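
Added example, not part of the original messages: a counter-only variant of the ACCOUNTING chain from the thread, plus a parser that turns the listing into one line per IP and day. The per-IP rules carry no -j target, so they only count and leave the verdict to the rest of FORWARD; the IP addresses and the sample listing are constructed.

```shell
#!/bin/sh
# Added example (not from the thread); IPs and listing below are constructed.

# Print (dry run) the rules for the given local IPs. The per-IP rules have no
# -j target: they only increment counters and the packet continues through
# FORWARD, so accounting does not change what the firewall accepts.
accounting_rules() {
    echo "iptables -N ACCOUNTING"
    # -I puts the jump first, so earlier FORWARD verdicts cannot skip the counters
    echo "iptables -I FORWARD -j ACCOUNTING"
    for ip in "$@"; do
        echo "iptables -A ACCOUNTING -s $ip"
        echo "iptables -A ACCOUNTING -d $ip"
    done
}

# Read `iptables -L ACCOUNTING -n -v -x` on stdin and print
# "day ip bytes_sent bytes_received". -x matters: without it large
# counters are abbreviated (K/M/G) and cannot be summed.
per_ip_bytes() {
    awk -v day="$1" '
        $1 !~ /^[0-9]+$/ { next }        # skip chain line, column header, blanks
        {
            src = $(NF-1); dst = $NF     # last two columns, with or without a target
            if (src != "0.0.0.0/0") { tx[src] += $2; seen[src] = 1 }
            if (dst != "0.0.0.0/0") { rx[dst] += $2; seen[dst] = 1 }
        }
        END {
            # %.0f rather than %d: byte counters routinely exceed 32 bits
            for (ip in seen) printf "%s %s %.0f %.0f\n", day, ip, tx[ip], rx[ip]
        }' | LC_ALL=C sort
}

# Constructed sample of the listing format
sample_listing() {
    cat <<'EOF'
Chain ACCOUNTING (1 references)
    pkts      bytes target     prot opt in     out     source               destination
     120      98304            all  --  *      *       192.168.1.10         0.0.0.0/0
     200 3000000000            all  --  *      *       0.0.0.0/0            192.168.1.10
      15       4096            all  --  *      *       192.168.1.11         0.0.0.0/0
       0          0            all  --  *      *       0.0.0.0/0            192.168.1.11
EOF
}

accounting_rules 192.168.1.10 192.168.1.11
sample_listing | per_ip_bytes 2009-01-09
```

On the router, pipe the live listing into per_ip_bytes once a day; adding -Z to the listing command zeroes the counters right after they are printed.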

