Hi all, On Thu, 21 Dec 2006, Jaime Nebrera wrote:
>> I have a linux-router as internet gateway for small office with pmaccd >> running. It works well for now. But when I start the transparent proxy >> with permanent redirect of http to it, pmacct dosn't count incoming >> http traffic. I know that it comes from webserver to my router, not to >> lan client. >> >> Does anybody knows how to count such traffic and assign it with lan >> host? > > We have faced the same problem in the fast and are currently > experiencing with the only solution available. > > You need to use tproxy :) This means patching the kernel and iptables, > patching Squid and well, getting into there. We have made it work but > are unsure yet of its other consecuences (besides of course, being able > to see the internal IPs) If I understood the problem correctly, then I think there is another possible solution: write your own transparent proxy (or modify an existing one) to intercept the X-Forwarded-For and Host headers, and all four IP addresses and port numbers (a pair of each for the connection into and out of the proxy). You can put this information in a database table that you can link to the pmacct accounting tables whenever you need it. An added bonus is that you get the name of the remote website, not just the port number, whenever you want it. The disadvantages are that your web connections are broken into two connections in the pmacct database (which just means that it is reflecting reality); and your pmacct client software needs to be modified to take advantage of the new table. Cheers, Chris. -- (aidworld) chris wilson | chief engineer ([EMAIL PROTECTED]) _______________________________________________ pmacct-discussion mailing list http://www.pmacct.net/#mailinglists
