Hello,
so my setup with kvm is perfect, thank you very Tom for your help so far!
I've got another question about accouting.
I've got a bridge:
brctl show
bridge name bridge id STP enabled interfaces
dmz0 8000.00ff10c5b9a5 yes vnet0
vnet1
This bridge is handled by shorewall in a two interface way with
proxyarp, so I think the bridge section on
http://www.shorewall.net/Accounting.html doesn't apply to my case.
AFAIK the interface I'd have to add in the example on the above page
would be vnet0 or vnet1
So I tried that, thus I had to list these two interfaces in the
interfaces file, which looks like this now:
net eth0 detect
tcpflags,routefilter,nosmurfs,logmartians,blacklist
kvm dmz0 detect blacklist,routeback,nosmurfs
kvm vnet0 detect blacklist,routeback,nosmurfs
kvm vnet1 detect blacklist,routeback,nosmurfs
The only way I get counted anything is to use this accounting file:
web:COUNT - eth0 dmz0 tcp 80
web:COUNT - dmz0 eth0 tcp
- 80
DONE web
So the traffic is being counted for all the bridge's activities on dmz0.
Using vnet0 instead of dmz0 is not possible, I wouldn't see any traffic
counted.
How can I establish accounting for my case in order to see traffic
separated by vnet0/vnet1/...?
Thanks
Michael
------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
