Tugger the SLUGger!SLUG Mailing List Archives

Re: [SLUG] ip Accounting


On Thu, Jul 27, 2000 at 09:09:34PM +1000, Dave Kempe wrote:
> 
> For linux boxes that serve as masquerading gateways, it would be handy to
> determine what ips that are being masqueraded, are getting what amount of
> traffic. So you can tell, roughly, how much web surfing Joe in accounts is
> doing or who is chewing into your valuable bandwidth.

Well, what you do is count outgoing traffic in the input chain, and
incoming traffic in the output chain.

For example,

ipchains -A input -s "Joe's ip"
ipchains -A output -d "Joe's ip"

will work.

You'll probably want to create a user-defined chain to minimise clutter if
you have other (accounting or non-accounting) rules, e.g.,

ipchains -N acctin
ipchains -N acctout
ipchains -A input -j acctin
ipchains -A output -j acctout

and then replace input/out above with acctin/acctout.
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt