LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices



Reply
 
Search this Thread
Old 02-12-2009, 04:30 AM   #1
priyadarshan
Member
 
Registered: Feb 2009
Location: Ahmedabad, Gujarat, India
Posts: 197

Rep: Reputation: Disabled
Question IPTables Show data transferred size in KB, MB


I have used IPTable rules to implement bandwidth usage on per IP per port base.....All things work fine......But when I put command

iptables -nvL

than it shows data transfered in bytes only....I want to see things in KB or MB what shud I do???
 
Old 02-12-2009, 04:35 AM   #2
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
are u sure as i do see traffic in MB and GB
 
Old 02-12-2009, 04:41 AM   #3
priyadarshan
Member
 
Registered: Feb 2009
Location: Ahmedabad, Gujarat, India
Posts: 197

Original Poster
Rep: Reputation: Disabled
Yes sir, I am sure.......

See sir I am posting here the rules I have deployed

Just a min sir
 
Old 02-12-2009, 04:46 AM   #4
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
It could be that the traffic that has matched those rules has not hit the MB levels yet
 
Old 02-12-2009, 04:48 AM   #5
priyadarshan
Member
 
Registered: Feb 2009
Location: Ahmedabad, Gujarat, India
Posts: 197

Original Poster
Rep: Reputation: Disabled
iptables -A INPUT -s 192.168.1.0/10 -j sys
iptables -A INPUT -d 192.168.1.0/10 -j sys

iptables -A INPUT -s 10.10.135.0/24 -j sys_
iptables -A INPUT -d 10.10.135.0/24 -j sys_

I have developed two subchains sys and sys_

iptables -A sys -d 192.168.1.9
iptables -A sys -d 192.168.1.9 -p tcp --dport 80
iptables -A sys -d 192.168.1.9 -p tcp --sport 80

iptables -A sys -s 192.168.1.9
iptables -A sys -s 192.168.1.9 -p tcp --dport 80
iptables -A sys -s 192.168.1.9 -p tcp --sport 80



iptables -A sys_ -d 10.10.135.22
iptables -A sys_ -d 10.10.135.22 -p tcp --dport 80
iptables -A sys_ -d 10.10.135.22 -p tcp --sport 80

iptables -A sys_ -s 10.10.135.22
iptables -A sys_ -s 10.10.135.22 -p tcp --dport 80
iptables -A sys_ -s 10.10.135.22 -p tcp --sport 80
 
Old 02-12-2009, 04:49 AM   #6
priyadarshan
Member
 
Registered: Feb 2009
Location: Ahmedabad, Gujarat, India
Posts: 197

Original Poster
Rep: Reputation: Disabled
But sir It is hitting to KBs...........

Should I try to make it in MB????
 
Old 02-12-2009, 04:49 AM   #7
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by priyadarshan View Post
iptables -A INPUT -s 192.168.1.0/10 -j sys
iptables -A INPUT -d 192.168.1.0/10 -j sys

iptables -A INPUT -s 10.10.135.0/24 -j sys_
iptables -A INPUT -d 10.10.135.0/24 -j sys_

I have developed two subchains sys and sys_

iptables -A sys -d 192.168.1.9
iptables -A sys -d 192.168.1.9 -p tcp --dport 80
iptables -A sys -d 192.168.1.9 -p tcp --sport 80

iptables -A sys -s 192.168.1.9
iptables -A sys -s 192.168.1.9 -p tcp --dport 80
iptables -A sys -s 192.168.1.9 -p tcp --sport 80



iptables -A sys_ -d 10.10.135.22
iptables -A sys_ -d 10.10.135.22 -p tcp --dport 80
iptables -A sys_ -d 10.10.135.22 -p tcp --sport 80

iptables -A sys_ -s 10.10.135.22
iptables -A sys_ -s 10.10.135.22 -p tcp --dport 80
iptables -A sys_ -s 10.10.135.22 -p tcp --sport 80
What is this? Some of these rules don't even have targets.

Could you post the actual output of "iptables -nvL", which is what you are having trouble with?

BTW, I'm moving this to Software, as it's not a security issue.

Last edited by win32sux; 02-12-2009 at 04:51 AM.
 
Old 02-12-2009, 04:52 AM   #8
priyadarshan
Member
 
Registered: Feb 2009
Location: Ahmedabad, Gujarat, India
Posts: 197

Original Poster
Rep: Reputation: Disabled
Yes sir I did some mistakes while writing the things......But those rules are working properly......

The command
iptables -nvL is showing the packets as well as data transferred per IP as well as per post number.........but only in bytes..............
 
Old 02-12-2009, 04:58 AM   #9
priyadarshan
Member
 
Registered: Feb 2009
Location: Ahmedabad, Gujarat, India
Posts: 197

Original Poster
Rep: Reputation: Disabled
pkts bytes targets prot opt in out source destination
258 44229 0 -- * * 0.0.0.0/24 10.10.135.22

These things come as output....
 
Old 02-12-2009, 05:00 AM   #10
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
The content below the bytes column should indeed make use of "M" (or whatever) whenever needed. I assume there's a fixed cutoff point/policy for the switch to happen but I don't know what it is. For example, the box I'm using right now looks like:
Code:
win32sux@batcave:~$ sudo iptables -nvL
Chain INPUT (policy DROP 772 packets, 168K bytes)
 pkts bytes target     prot opt in     out     source               destination         
1270K  840M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
  173 11290 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 1484K packets, 975M bytes)
 pkts bytes target     prot opt in     out     source               destination         
win32sux@batcave:~$

Last edited by win32sux; 02-12-2009 at 05:08 AM.
 
Old 02-12-2009, 05:06 AM   #11
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
If the idea behind all of this is that you wish to use the command in a script, then maybe use the -x option in order to force all byte counters to be exact (in bytes) and then just have the script perform basic division in order to obtain KB/MB/GB/TB/etc.
Code:
iptables -nvxL
 
Old 02-12-2009, 05:16 AM   #12
priyadarshan
Member
 
Registered: Feb 2009
Location: Ahmedabad, Gujarat, India
Posts: 197

Original Poster
Rep: Reputation: Disabled
ok SIR.......

I too have tried iptables -nxvl but it shows the same.....

No probs.....

Now I am trying to make the data transfer till MBs so then I will see weather it works or not.......

Thanks............
 
Old 02-12-2009, 05:19 AM   #13
priyadarshan
Member
 
Registered: Feb 2009
Location: Ahmedabad, Gujarat, India
Posts: 197

Original Poster
Rep: Reputation: Disabled
Sir I got it when I reached above 100 KB transfer thanks..........
 
Old 02-12-2009, 05:27 AM   #14
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
If you want a command to check the count for a certain rule, try something like:
Code:
iptables -nvxL INPUT --line-numbers | grep ^2 | awk '{print $3/1024" KB"}'
This example would show you the count in kilobytes for the second rule of the INPUT chain. To get it to show megabytes just change the division and the text you want to be output:
Code:
iptables -nvxL INPUT --line-numbers | grep ^2 | awk '{print $3/1048576" MB"}'
Example of this approach in action on my box:
Code:
win32sux@batcave:~$ sudo iptables -nvxL INPUT --line-numbers | grep ^1
1     1271279 840970742 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
win32sux@batcave:~$ sudo iptables -nvxL INPUT --line-numbers | grep ^1 | awk '{print $3/1048576" MB"}'
802.012 MB
win32sux@batcave:~$

Last edited by win32sux; 02-12-2009 at 05:30 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
phpsysinfo do show wrong HD size? JussiKp Linux - Software 1 11-24-2006 08:51 PM
calculate amount of data transferred to certain ip addresses dtra Linux - Software 0 11-07-2005 08:57 PM
Why does linux show less size of CD? aristarchus Debian 3 10-20-2005 03:34 AM
show size of all filesin a directory watashiwaotaku7 Linux - Newbie 4 09-30-2003 12:49 AM
Transferred data from old HD to New HD,MYSQL ERRORS "HELP" brandog Linux - Software 2 05-01-2003 08:22 AM


All times are GMT -5. The time now is 03:28 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration