[mrtg] separating WAN traffic from LAN traffic
Joel Uckelman
uckelman at nomic.net
Tue Jan 6 20:42:39 CET 2009
Thus spake Joel Uckelman:
> Thus spake "McDonald, Dan":
> >
> > Most people who try that sort of thing write iptable rules and measure
> > the hits on those rules.
> >
>
> So I could do something like this
>
> iptables -I INPUT 1 -s ! $local_subnet
> iptables -I OUTPUT 1 -d ! $local_subnet
>
> and then have MRTG run a script containing, say
>
> iptables -nvxL INPUT | awk 'NR == 3 { print $2 }'
> iptables -nvxL OUTPUT | awk 'NR == 3 { print $2 }'
> uptime | cut -b 14-27
> echo localhost
>
> to get the number of bytes matching the two rules in the format MRTG wants?
>
I'm doing this now, and it works quite well. Thanks for the suggestion.
--
J.
More information about the mrtg
mailing list