I think most of the other posts answered your questions with respect to netfilter. I just wanted to offer an alternative for IP accounting. Check out ipaudit (http://ipaudit.sourceforge.net). Assuming you have the pcap libraries installed on your system, it will keep track of all connections to/from your system in a nice compact format. Since it keeps track of connections instead of individual packets, it will likely tell you all the accounting info you want (packet counts, byte counts, host IPs, ports, etc). There's even a nifty web interface that you can use to view the data.
Just a thought. Jason On Sat, Jun 22, 2002 at 04:02:06PM +0200, yomega wrote: > Hi List, > > i want to set up IP Traffic Accounting. I wanna to measure the Traffic which > comes in and goes out on specified Ports. > > After reading some IPTABLES Manuals and testing some with my Linux > Fileserver, i thought of doing exactly this by that way: > I create Rules to Log the specified Ports: iptables ..... -j > log --log-prefix [name] <- this one :) Because of my syslog Settings, the > Packets are logged into /var/log/firewall > Ok now i make a Cron with a little Python or PHP Script that analyses the > logged packages, and flushes the Log File empty :). The Cron is executed > every 5 minutes. > > OK this should work, but i still got a question: > > First i start to realize that my log file will become very big with even > little outbound traffic. Now the cron is exectued and all the data written > on the hd is analysed and written on the hd. I'm afraid that this will > injure the health of the HD. Is there any other maybe more "clean" > possibility to do that loggin? or have i made some mistakes in my thoughts? > > Maybe everthing happens in the RAM (syslog and analysing)? So this would not > be a hd health prob? > > Thanx 4 all suggestions :) > > Greetz, > Stephan
