[Shorewall-users] Accounting

Fri, 13 Dec 2013 07:52:55 -0800 

Hi Group,

I was wonder if it is possible to use shorewall-accounting with ULOG2 and
NFLOG.

My Goal is as follow:

Say I have in rules something like this:

accept fw all all
accept all fw tcp 80,443
drop    all all all

with the following in accounting:
        web             -       eth0    -               tcp             80
        web             -       -       eth0            tcp             -
            80
        web             -       eth0    -               tcp             443
        web             -       -       eth0            tcp             -
            443


        web        -       eth0    -               tcp             -    80
        web        -       -       eth0            tcp             80
        web        -       eth0    -               tcp             -
 443
        web        -       -       eth0            tcp             443  -
        COUNT           web     eth0
        COUNT           web     -       eth0
        DONE            web


While I can easy check the account status for web traffic in and out, all
other traffic go under different chain.
So My question is
1 Can I define somehow an automatic way to update the accounting file for
each time I creating /deleting rule from rules

So I I have something like
   accept all fw tcp 80,443,21

I will have a two chain one for web traffic and one for ftp(21) traffic ?

2. What I have some like this
 accept fw any all

Can I have accounting provide me not only the amount of traffic outbound ,
but also specified per  other ports?  say for DNS, SMTP traffic etc... or I
would have to create them one time in the accounting file?


3. I saw the accounting support the NFLOG. Can someone please provide an
example how to used it? what is the generated output from this? Does ULOG2
support this?
I know about
https://home.regit.org/2012/07/flow-accounting-with-netfilter-and-ulogd2/ but
I not sure I can used nfacct due to kernel issues, and besides does
accounting with ULOG2 is supported with mysql?

Thanks
Sassy

------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT 
organizations don't have a clear picture of how application performance 
affects their revenue. With AppDynamics, you get 100% visibility into your 
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to