On 15.04.2014 17:27, lilit-aibolit wrote:
> Hello misc.
> Please provide any hints how to get amount of
> Internet traffic per each IP in LAN for period of
> time month.
>
> Suppose I have such simple rules to share Internet connection
> for <lan>:
>
> table <lan> { 192.168.5.0/24 }
> match out on $ext_if inet proto tcp from <lan> to any nat-to em1
> pass in on $int_if inet proto tcp from <lan> to any port
> pass out on $ext_if inet proto tcp from em1 to any
>
> I'd like to know how many traffic does specific IPs from <lan> consumed.
>
Hello,
with the already mentioned netflow solution you will not see connections
that are not expired. So you will not see "long live" connections like vpn or
ssh
in your statistics at the appointed date.
Maybe pf labels is for you ...
lan = "{ 192.168.5.1, 192.168.5.2, .... }"
match out on $ext_if inet proto tcp to any received-on $int_if nat-to $ext_if
pass in on $int_if inet proto tcp from $lan to any label "$srcaddr" \
tag LAN-INET
pass out on $ext_if tagged LAN-INET
With "pfctl -s labels" will get this (the numbers are explained in the manpage)
192.168.5.1 57 0 0 0 0 0 0 0
192.168.5.2 37 0 0 0 0 0 0 0
....
....
192.168.5.37 37 1950 1318232 1094 1215437 856 102795 37
....
"pfctl -z" clears the per rule statistics
Greetings
Stefan
