[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter
Subject:    Re: (Ab)using iptables to record byte count per IP?
From:       "Payam Chychi" <pchychi () gmail ! com>
Date:       2009-01-09 15:23:16
Message-ID: f08c15d10901090723h3c3f0edbhbc4dfe674fbd653b () mail ! gmail ! com
[Download RAW message or body]

Hi,

Thats possible by using the pre-nat table. You will need to place an
accept all rule for each individual /32 ip address that you want to do
accounting for ( I use accept so that I can see all traffic destined
for the ip)

-Payam


On Fri, Jan 9, 2009 at 3:27 AM, Richard Hartmann
<richih.mailinglist@gmail.com> wrote:
> Hi all,
>
> I need to log the traffic each local IP in a NAT'ed network generates
> per day.
>
> Unfortunately, the environment is rather restricted and compiling new
> software is not an option. Thus, I am wondering if I can abuse iptables,
> which is in use anyway, to log for me, as well.
>
> The end result should be a log which contains IP, date and traffic
> generated. I don't really care about the output format as I will perl it
> into the format I need, anyway.
>
>
> Thanks for all input,
> Richard
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>



-- 
Payam Tarverdyan Chychi
Network Security Specialist / Network Engineer
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]