iptables-save, iptables-restore, how to set them up in a script
I was curious about how much I download and upload on a monthly basis, so I set up a small but functional download counter like this:
iptables -N download
iptables -N upload
iptables -A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j download
iptables -A OUTPUT -o eth1 -j upload
....some other rules...
and it works, precisely counting how many MB I download.
Using iptables-save -c > state_download.txt I can save it and
iptables-restore -c < state_download.txt restore it.
But here I am in some kind of loop: how do I set up the last two steps to be done automatically during the shutdown/start-up process?
For the start-up process it is easy (update-rc.d and so on), but how, when the machine is shut down, do I save the current state of the iptables counters in some file and, after starting it again, start counting from the values written in the previous session?
Thanks in advance
The exact specifics will depend on your distro, but in general, you want to make a script (or edit an existing one) that's run at run level 6 (which is the shutdown run level). For Fedora (which calls the same as at startup, just with a 'stop' argument), you could edit the /etc/rc.d/rc6.d/K74iptables script to add your save command into the 'stop' procedure (K74iptables is just a symlink to /etc/init.d/iptables). Have a look to see how your particular distro shuts itself down. It'll be something similar to what I've described.
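One way to wire the save and restore commands from the question into an init script's stop and start actions, shown as an added example that is not part of the original posts. The state file path, the IPT_SAVE/IPT_RESTORE override variables and the status action are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: save/restore iptables counters from an init script.
# STATE path and the IPT_* override variables are assumptions, not from the thread.
STATE=${STATE:-/var/lib/iptables/state_download.txt}
IPT_SAVE=${IPT_SAVE:-iptables-save}
IPT_RESTORE=${IPT_RESTORE:-iptables-restore}

# "stop": dump rules with counters (-c). Write to a private temp file and rename,
# so an interrupted shutdown never leaves a truncated ruleset behind.
save_counters() {
    tmp=$(mktemp "${STATE}.XXXXXX") || return 1      # mktemp creates it mode 0600
    if "$IPT_SAVE" -c > "$tmp" && [ -s "$tmp" ]; then
        mv -f "$tmp" "$STATE"
    else
        rm -f "$tmp"
        return 1
    fi
}

# "start": parse the file with --test first; only a file that parses cleanly
# is committed, so a corrupt dump is rejected before anything is loaded.
restore_counters() {
    [ -r "$STATE" ] || return 0                      # first boot: nothing saved yet
    "$IPT_RESTORE" -c --test < "$STATE" || return 1
    "$IPT_RESTORE" -c < "$STATE"
}

# Sum the byte counters of every saved rule that jumps to chain $1
# (lines look like "[packets:bytes] -A INPUT ... -j download").
chain_bytes() {
    awk -v c="$1" '$1 ~ /^\[[0-9]+:[0-9]+\]$/ {
        for (i = 2; i < NF; i++) if ($i == "-j" && $(i + 1) == c) {
            split(substr($1, 2, length($1) - 2), n, ":"); sum += n[2]
        }
    } END { printf "%.0f\n", sum }' "$STATE"
}

case "${1:-}" in
    start)  restore_counters ;;
    stop)   save_counters ;;
    status) echo "download: $(chain_bytes download) bytes, upload: $(chain_bytes upload) bytes" ;;
esac
```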