IPtables keeps counters against rules, so you can use MRTG to graph this. You would need to write a custom plugin for MRTG that parses the output of 'iptables -L -n -v'
If your iptables is not on the same host as your MRTG server, then you will need to run the plugin remotely using some method. Either ssh with keys, NRPE with 'mrtg-nrpe', or something similar. This sort of information is not normally in SNMP, though you could write your plugin as a ucd-snmpd extension to make it so, though this is getting into a bit advanced coding. I don't think anyone else has done this previously, though there was an ipchains extension for ucd-snmpd once. Steve Steve Shipway [email protected]
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ mrtg mailing list [email protected] https://lists.oetiker.ch/cgi-bin/listinfo/mrtg
