On Friday 05 July 2002 09:45, Martin Tomasek wrote: > Hello all, > > I'm looking for some accounting for netfilter, which should be used like > this: > > iptables -A FORWARD -s 1.2.0.0/16 -j ACCOUNTING > > and which sends data to userspace periodically. It should collect > protocol-ips-ports triplets, for which it will count bytes. > I could't use -j ULOG or pcap because of big overhead -- I want to use > it on gigabit router. > > Have you seen something like this?
How about using the "IP accounting" facility of iptables? Try: #iptables -A FORWARD -s 1.2.0.0/16 i.e. without the -j option, to create a counter, and use #iptables -L -v to read out the results. #iptables -Z to reset. You can make similar entries to count by service port. Jan Humme.
