beware: this mail is maybe written in a confusing way and because of my not that good english bad to understand! ;-)
hi there! i just discussed with a fried if it is possible to account ip-based traffic with a bridge. i would be happy if you can give me a hint how to do the thingy i'll try to describe you now: image an uplink port #1. this port handles all traffic from and to the internet. on port #2 (configured as monitoring port for #1) i want to attach a linux-box that should act as traffic accounting server. on the other ports there are some servers. now i want to figure out how many traffic passed from the server at (e.g.) port #7 to the internet and vice versa. local traffic (like port #7 -> port #5) shouldn't get counted. i thought about having the linux-box on port #2 acting as a bridge (to get the network-card into promiscous mode and have the kernel count the bytes ) and and use ipchains [with the ipchains-bridging-patch] to count the amount of bytes with rules like 10.0.0.10, port * -> any any -> 10.0.0.10, port * the problem is that the server with ip# 10.0.0.10 is physically on port #7 and not on the other side of the bridge and so the kernel doesn't bridge the packets. is there a way to have it bridging the packets into nirvana (/dev/null or a network-card without any cable connected to it)? means: is there a way to tell the kernel that every MAC-address exists on the "no_cable_connected_to_it" network-card? this way the kernel would do forwarding for every packet and the bytes would appear in ipchains. it doesn't matter that the forwarded (=bridged) packets doesn't arrive anywhere since they are duplicates (via the mirror-port) anyway. the only import thingy is that it is possible to count the traffic. thanks for reading and any help! :-) - daniel _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
