Re: IPTables and QOS
I use the following iptables setup:
berbara root # iptables -L -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
16 768 DROP tcp -- ppp0 any anywhere anywhere
tcp dpt:netbios-ssn
7510 5396K alex all -- ppp0 any anywhere anywhere
524K 505M ACCEPT all -- !ppp0 any anywhere anywhere
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 DROP all -- ppp0 ppp0 anywhere anywhere
13055 1839K paal all -- !ppp0 ppp0 paal anywhere
12157 5629K paal all -- ppp0 !ppp0 anywhere paal
4812 582K heidi all -- !ppp0 ppp0 heidi anywhere
5804 3684K heidi all -- ppp0 !ppp0 anywhere heidi
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
6688 452K alex all -- any ppp0 anywhere anywhere
525K 505M ACCEPT all -- any !ppp0 anywhere anywhere
Chain alex (2 references)
pkts bytes target prot opt in out source
destination
6688 452K ACCEPT all -- any ppp0 anywhere anywhere
7510 5396K ACCEPT all -- any any anywhere anywhere
Chain heidi (2 references)
pkts bytes target prot opt in out source
destination
10616 4266K ACCEPT all -- any any anywhere anywhere
Chain paal (2 references)
pkts bytes target prot opt in out source
destination
25212 7468K ACCEPT all -- any any anywhere anywhere
I use a simple php script to get som usefull information, and log each day to
a postgresql database, and clear the tables bandwith at 00:00
If you want to look at the php output, go to:
http://alex.wigen.net/net/
Mail me if you want the source
Cheers
Alex
On Monday 17 March 2003 22:47, n/a wrote:
> Hello People,
>
> I'd like to know if it is at all possible to filter (generate bandwith
> logs) for each (internal) IP on a LAN ? The idea is that someone is sharing
> an internet connection but does not want his transfer block to run out
> before the end of the month with someone else using up all of the bytes.
> Thus there is some need to keep track of the amount of data a single IP has
> used allready.
>
> I thought about using QOS (iproute / tc) but, as far as i could find out by
> now, iproute/tc do not seem to provide such single-ip monitorig feature.
>
>
> Regards,
>
> Joris
Reply to: