After further testing I've determined that I'm wrong about the post_nat requirement. I inserted some old fashion iptables dst ulog to determine if ulog was being sent the private address on inbound and it turns out it is :)
In regards to pmacctd, that's my current semi-functional setup. The issue is it catches all sorts of extra data like broadcasts and multicasts and others? i used the libcap filter rule to ignore host router, but there's still about 10GB of wrong data which is problematic so i'm hoping on uacctd (less data is preferable to excess data in this environment). Ok, so ulog isn't functioning right. It captures the outbound traffic but not the inbound, now with the above test it suggests that ulog is indeed being fed the private dst so it "should" work. LAN ------- (eth0 iptables/uacctd ppp0) ---- Web I inserted the ulog rule into the forward table below a few drop rules but above all the accept rules. Iptables shows it getting data, after it didn't work i split it into 2 separate rules, one for ppp0 - eth0 and one for eth0 - ppp0. Both show data. Not sure what to try from here.
_______________________________________________ pmacct-discussion mailing list http://www.pmacct.net/#mailinglists