[rrd-users] Advice network protocol
Simon Hobson
linux at thehobsons.co.uk
Sun Sep 9 18:24:30 CEST 2012
Martin Friberg wrote:
>I got a linuxserver (zentyal) that handles all the routing and traffic
>managment and it works great tho since i seem to awaken my dna-code
>thath andles graphs and its in fullspeed atm i would like to graph
>various network protocol
You probably want some accounting rules.
I'm using Shorewall and it's accounting rules file so I can't say for
sure how to do it in iptables. AFAICT Shorewall just creates a chain
called accounting, and puts rules in the input, forwarding, and
output chains to it (you might not need all of those). Doing iptables
-L I see (amongst everything else) :
Chain INPUT (policy DROP)
target prot opt source destination
accounting all -- anywhere anywhere
...
Chain FORWARD (policy DROP)
target prot opt source destination
accounting all -- anywhere anywhere
...
Chain OUTPUT (policy DROP)
target prot opt source destination
accounting all -- anywhere anywhere
...
Chain accounting (3 references)
target prot opt source destination
<rules I've added>
So you need to add rules to the accounting chain (or whatever you
choose to call it) to select the sort of traffic you are interested
in.
I've started with rules that match inbound and outbound traffic to
get totals, then a call to another chain that has a rule for every IP
we have (both in and out) so I can do accounting by IP address.
I've got a stub for tracking by service/port number but haven't got
around to using that.
Then iptables -L accounting -vxn will get you a list with byte and
packet counts for every rule in teh accounting table - a little
scripting will get you from that to an RRD update.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
More information about the rrd-users
mailing list