sqn 01-07-2004 05:25 PM

Traffic accounting with iptables
I'm trying to count my traffic with iptables. Here is the script I use to count my traffic:
------- start script -------
iptables -N ACCT

iptables -I FORWARD -j ACCT
iptables -A ACCT -s -d -o eth0
iptables -A ACCT -s -d -i eth0

------- end script ----------

I use a cable modem link with a fixed IP address; my out interface is eth0 and my inside interface is eth1.
I'm trying to count the traffic my inside machines are making. Can you help me, because my script doesn't seem to work?

THX in advance

g-rod 01-07-2004 07:11 PM

I am not quite sure what you want to do, but you can find how many packets/bytes have gone through a rule with
iptables -L -n -v;
Hope that helps.

leckie 01-08-2004 06:32 AM

You really need a helper program to do this. I use ipacsum.
Download it from freshmeat and have fun; there is more than enough info in the readme files.

Noerr 01-08-2004 09:26 AM

Whatever rule you set up with iptables, it will count all data going through.
Let's say you want to know how much www you are using; do this:

iptables -I FORWARD -p tcp -s --dport 80
Or, for how much data comes in through http:
iptables -I FORWARD -p tcp -d --sport 80

Then do
iptables -L FORWARD -v
and you will get all the counters.

If you want to zero the counters, do
iptables -Z FORWARD

Please note that you don't even need to do any jump (-j SOMEWHERE) -- don't do -j ACCEPT, because it may mess up your firewall. Also make sure to include your counter before the forwarding rules, otherwise it won't count.
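
An added example, not part of any post in this thread: the accounting chain from the first post written as target-less counting rules placed ahead of the forwarding rules, plus a parser that sums the exact byte counters per direction. The LAN subnet 192.168.1.0/24, the function names and the sample listing are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the thread). Assumptions: LAN subnet below, and an
# ACCT chain holding only plain -s/-d/-i/-o rules, so every rule line of the
# listing ends with the columns "in out source destination".
LAN=192.168.1.0/24   # assumed inside subnet (behind eth1)
WAN_IF=eth0          # outside interface, as in the thread

# Create the chain (run as root). No -j on the counting rules: they only
# count and never accept or drop. -I puts the jump first in FORWARD so the
# packets are counted before any forwarding rule decides their fate.
acct_setup() {
    iptables -N ACCT
    iptables -I FORWARD -j ACCT
    iptables -A ACCT -s "$LAN" -o "$WAN_IF"   # LAN -> internet (upload)
    iptables -A ACCT -d "$LAN" -i "$WAN_IF"   # internet -> LAN (download)
}

# Read `iptables -L ACCT -v -n -x` on stdin, print "<upload> <download>" bytes.
# -x gives exact counters instead of rounded K/M/G values. Columns are taken
# from the end of the line because the target column is empty for count-only
# rules, which shifts the field positions.
acct_totals() {
    awk -v wan="$WAN_IF" '
        $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && NF >= 8 {
            if ($(NF-2) == wan) up   += $2    # out column is the WAN interface
            if ($(NF-3) == wan) down += $2    # in column is the WAN interface
        }
        END { printf "%.0f %.0f\n", up, down }'
}

# Constructed sample listing (not captured from a real host).
SAMPLE='Chain ACCT (1 references)
    pkts      bytes target     prot opt in     out     source               destination
    1523     210934            all  --  *      eth0    192.168.1.0/24       0.0.0.0/0
    2011    1839201            all  --  eth0   *       0.0.0.0/0            192.168.1.0/24'

# Live use, as root:  iptables -L ACCT -v -n -x | acct_totals
printf '%s\n' "$SAMPLE" | acct_totals
```

Running `iptables -Z ACCT` after each reading turns the totals into per-interval figures.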

sqn 01-08-2004 04:34 PM

Thx for your help, it's working now :)
Noerr: Thx man, this is the stuff I was looking for, thx again.
leckie: Your help will be tested :) thx to you too, man

