Tugger the SLUGger!SLUG Mailing List Archives

RE: [SLUG] ip Accounting


So, -s is the source ip and -d is the destination. But what about mapping
the transfer of everyone? Is there no decent way to do this elegantly?
Or can the soruce be a range... but then the traffic needs to be allocated
to each indiv ip. is this possible?


dave

> Well, what you do is count outgoing traffic in the input chain, and
> incoming traffic in the output chain.
>
> For example,
>
> ipchains -A input -s "Joe's ip"
> ipchains -A output -d "Joe's ip"
>
> will work.
>
> You'll probably want to create a user-defined chain to minimise clutter if
> you have other (accounting or non-accounting) rules, e.g.,
>
> ipchains -N acctin
> ipchains -N acctout
> ipchains -A input -j acctin
> ipchains -A output -j acctout
>
> and then replace input/out above with acctin/acctout.
> --
> Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
> Email:  Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
>