One thing you might want to try, which is much simpler than the ideas you
suggested, is to use iptables: Run Skype, and then use iptables'
"--pid-owner" or "--cmd-owner" option to add an iptables rule which will
allow traffic from this process. Then use "iptables -nvL" to get the count
of packets and bytes that passed through this rule.
Thanks. My home machine is an old single-core AMD Athlon so I can use this module which I wasn't aware of.
This module seems to solve only half of my problem - it doesn't trap INCOMING packets, only locally generated packets. If I could use the MARK options then maybe it'll work. If not then maybe I can use ULOG to trigger a user-level program to alter the interception rules dynamically.
(Also this read revealed to me the geoip option which is just what I wanted in order to limit access to my home machine from certain countries).
Thanks,
--Amos
