Re: Bytes counter with iptables

[Norman Schmidt <Norman.Schmidt@chemie.stud.uni-erlangen.de>]

Hi!

I want to do the same with ipchains (2.2.19 kernel).

There is a debian package (can´t remember the name) which inserts more
ipchains rules into the ruleset. The packets go through these rules
unchanged, they´re just counted. The problem is that with ipchains, I
would need quite a lot of rules to count for 256 connected hosts
individually, and in addition to that to count the volume that costs us
and the volume that doesn´t cost (university-internally) seperately.

The problem with using the iptables counters is quite the same.

net-acctd seems to count for each connection seperately, not by host, so
you have to build sums yourself out of the logfiles. It doesn´t have to
insert lots of additional ipchains-rules, but, as you mentioned, might
count wrongly, especially under high load.
Is there a better documentaiton for the naccttab syntax? I´m afraid it
is far too unprecise, and I can´t try everything out.

Any other ideas or docs for net-acct?

Thanks, NOrman.


kreso@usa.net wrote:
> 
> I suggest to check net-acctd before giving suggestions to use it 

-- 

--
Norman Schmidt             Universitaet Erlangen-Nuernberg
cand.chem.                 Sysadmin Wohnheimnetzwerk RatNET
mailto:schmidt@naa.net