On Saturday 22 June 2002 3:02 pm, yomega wrote: > Hi List, > > i want to set up IP Traffic Accounting. I wanna to measure the Traffic > which comes in and goes out on specified Ports. > > After reading some IPTABLES Manuals and testing some with my Linux > Fileserver, i thought of doing exactly this by that way: > I create Rules to Log the specified Ports: iptables ..... -j > log --log-prefix [name] <- this one :) Because of my syslog Settings, the > Packets are logged into /var/log/firewall > Ok now i make a Cron with a little Python or PHP Script that analyses the > logged packages, and flushes the Log File empty :). The Cron is executed > every 5 minutes. > > OK this should work, but i still got a question: > > First i start to realize that my log file will become very big with even > little outbound traffic. Now the cron is exectued and all the data written > on the hd is analysed and written on the hd. I'm afraid that this will > injure the health of the HD. Is there any other maybe more "clean" > possibility to do that loggin? or have i made some mistakes in my thoughts?
I *really* wouldn't worry about the health of your hard disk - reading & writing data is what hard disks are made for :-) However, if you want to keep the size of the log files down, you could try just creating some rules whcih match the packets you're interested in (maybe you have some already ?) which simply ACCEPT / DROP / REJECT the packets, and then you can see how many packets & bytes got matched by those rules with iptables -L -n -v That way you can see the numbers whenever you want to, and calculate traffic over a given time period by subtraction. Antony.
