Hi, I was looking into the shorewall accounting rules, and wondering how to setup the accounting chain for specific servers.
For example, something like this accounts for all of the smtp traffic routed by the firewall: #ACTION CHAIN SOURCE DESTINATION PROTOCOL DEST SOURCE ## TRAFFIC IN smtp:COUNT - eth0 eth1 tcp 25 # TRAFFIC OUT smtp:COUNT - eth1 eth0 tcp - 25 DONE smtpHowever, I have several servers behind the firewall routed via DNAT and I wanted to count traffic specifically for each server. So say I have server1 at 192.168.1.10 and server2 at 192.168.1.11, would an accounting rule setup like this work? # TRAFFIC IN smtp1:COUNT - eth0 eth1:192.168.1.10 tcp 25 # TRAFFIC OUT smtp1:COUNT - eth1:192.168.1.10 eth0 tcp - 25 DONE smtp1smtp2:COUNT - eth0 eth1:192.168.1.11 tcp 25 # TRAFFIC OUT smtp2:COUNT - eth1:192.168.1.11 eth0 tcp - 25 DONE smtp2ThanksRicardo ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
