Counting eth0/1 throughput, iptables?
 

Hello,
I have a linux gateway that serves 3-4 other PCs. I have one incoming line and I want to have graphical stats about total incoming speed.
MRTG is the tool, that is obvious. So I need to get somehow the current incomming bandwitdh at every moment.
First, I thought about SNMP, but I don't think I will need such a thing for so elementary purpose - only to measure one traffic load.
Second, more complex solution came into my mind - iptables. Marking all workstatins with:
iptables -A FORWARD -d 192.168.0.x -j ACCEPT
and after that counting bytes with:
iptables -L FORWARD -n -v -x
but that would require sum of all numbers, plus additional rule to check the traffic generated by the gateway itself... again seems to complicated. If you can help me think out a single iptables rule that can give me the number you would be great.

Third, I thought about ifconfig stats. There is something like:
RX bytes:3882164704 (3.6 GiB) TX bytes:3614255734 (3.3 GiB)
I can get these bytes and pass them to MRTG, but what will happen after restart when they became zeros?

An iptables rule does not require a targret; i.e. you don't need a -j option on it. W/o a target it will just sit there and collect statistics for you. So If I understand your request and setup correctly, probably a single rule at the beginning of the FORWARD chain something like

would collect the statistics you want. I am assuming your incoming traffic is on a seperatate interface than your LAN. In addition or instead, you could match incoming with an address (such as ! 192.168.0.0/24, where the exclamation point means match anything else) or specifiy the output LAN interface with the -o option.

Currently I use the following script: