Iptables, traffic logging

burn0ut · 12-08-2004, 06:40 PM

Yow, I am using iptrafficvolume.sourceforge.net to log a servers traffic. The script logs traffic when the iptable begins with ACC-
BUT, when I trie to make an iptable rule for a counterstrike server, he cant log it.
I thought this lines where good to log his traffic:

Code:

iptables -N ACC-cs1
iptables -A ACC-cs1 -s ! xxx.xxx.xxx.xxx -d xxx.xxx.xxx.xxx --protocol tcp --destination-port 27015 -j ACCEPT
iptables -A ACC-cs1 -s xxx.xxx.xxx.xxx -d ! xxx.xxx.xxx.xxx --protocol tcp --destination-port 27015 -j ACCEPT
iptables -I INPUT -i eth0 -j ACC-cs1
iptables -I OUTPUT -o eth0 -j ACC-cs1

Where do I make a mistake?

burn0ut · 12-09-2004, 01:54 AM

Does nobody know an answer to this problem?

Has somebody another solution to monitor gameservers network traffic?

burn0ut · 12-09-2004, 10:07 AM

Comon, you aren't going to say me that there is nobody who kan make iptables to log all traffic on port 27015, I just cant make it work.

Demonbane · 12-09-2004, 07:35 PM

add this to your ACC-cs1 chain:

Code:

iptables -N ACC-cs1
iptables -A ACC-cs1 -p tcp --dport 27015 -j LOG --log-prefix="CS Traffic"
iptables -A ACC-cs1 -s ! xxx.xxx.xxx.xxx -d xxx.xxx.xxx.xxx --protocol tcp --destination-port 27015 -j ACCEPT
iptables -A ACC-cs1 -s xxx.xxx.xxx.xxx -d ! xxx.xxx.xxx.xxx --protocol tcp --destination-port 27015 -j ACCEPT

burn0ut · 12-11-2004, 04:08 AM

Thx!

After searching a long time, I found that I made a big mistake. Most gameservers use the UDP protocol to send traffic...
So I changed my rules a bit (also the destination port) and now they work! Thx