The ACCOUNT netfilter extension looks like it does pretty much exactly what I want, although I’d guess careful attention would need to be paid to how this data would end up in persistent logs. In my case I’m often running Zeroshell instances on machines with hard disks, so this isn’t much of a problem given I can “cron” maintenance over SSH from other hosts.
I’d be interested to gain stats on how much in and out traffic occurs for each of “my” IP addresses (say 400 different IPs). I don’t really care about the peer IP addresses… well, I’d account for a few destination subnets differently, but I can obviously do that by selecting different ACCOUNT actions using iptables rules.
I’m assuming that the current Zeroshell system does not provide for this merely because I can’t find the iptaccount user-space command – I could well be missing having noticed an alternative that is present though. Apologies in advance if that’s the case!