Re: [SLUG] IPchains IP accounting question - Help! :)

Sun, 05 Nov 2000 18:05:23 -0800 

I have the distinct feeling that accounting in IP Chains follows the same
rules as all other IP chains, which basically means, first match wins....
so... if you have a rule that matches all hosts, it'll match, and no other
rules will get processed... which means your individual hosts don't get
accounted.

--==============================================--
  Crossfire      | This email was brought to you
  [EMAIL PROTECTED] | on 100% Recycled Electrons
--==============================================--

----- Original Message -----
From: "Gonzalo Servat" <[EMAIL PROTECTED]>
To: "SLUG" <[EMAIL PROTECTED]>
Sent: Monday, November 06, 2000 12:31 PM
Subject: [SLUG] IPchains IP accounting question - Help! :)


> Hi Slug'ers!
>
> I'm trying to set-up a linux box (redhat7) to do the IP accounting for
> a bunch of servers that we host. We'd like to count exactly how much
> incoming and outgoing traffic each of these machines are doing.
>
> This IP accounting box is currently just another node on the switch...
> so it's NOT the main "default gateway" for all the servers that we host.
>
> So far, I've been able to count the TOTAL incoming and outgoing traffic
> to the whole segment (X.X.X.0/24) but I can't get IPchains to count
> traffic to/from individual IP addresses (the ipchains counter for the
> specific IP address stays at 0 while the TOTAL counter increases).
>
> Is this because the IP accounting machine has to be the main default gw
> (ie. forwarding packets) for all the hosted machines so that the traffic
> actually goes through the IP accounting box?
>
> I'm trying to avoid the "single-point-of-failure" problem by making the
> IP accounting box the main default gw for all the hosted systems so I'm
> trying to get it to work as another node on the switch and the ethernet
> card with Promiscious mode enabled, however if somebody can tell me that
> I /have/ to make the IP accounting box the default GW for this to work
> then I'll be forced to go along with the single-point-of-failure PC.
>
> Thanks in advance for any help.
>
> Regards,
>
> Gonzalo.
>
>
> --
> SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
> More Info: http://slug.org.au/lists/listinfo/slug



-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug

Reply via email to