peber

Forum Replies Created

Viewing 1 post (of 1 total)
  • Author
    Posts
  • in reply to: Traffic Accounting by IP Address #48696

    peber
    Member

    It doesn’t look like there is any progress on ip accounting, so I knocked up something to help in the meantime.
    I hope someone finds this useful.

    In my case, I want to IP account for the 192.168.6.0/24 subnet.

    I created a new chain called ‘accounting’ and left it blank.
    I then added the following line to the “Post Boot script”
    # Startup Script
    /DB/accounting

    You’ll need to create this file.
    Here is my example: (change the subnet to whatever you want)


    #!/bin/bash
    let a=1
    while [ $a -lt 255 ]; do
    iptables -A accounting -d 192.168.6.$a
    let a=a+1
    done
    iptables -A accounting -j RETURN

    On boot, zeroshell will create the ‘accounting’ chain, then this post boot script will populate it with some rules.

    The last step is to create a new rule at the top of your FORWARD chain.
    In my case, I have said anything coming in ppp0 (internet) going out ETH00 (LAN) should be sent to the ‘accounting’ chain.
    The chain simply counts the packets then returns to the FORWARD chain for normal processing.

    To view the stats, you can either use:
    iptables -L accounting -v -n
    iptables -L accounting -v -n -x
    (-x prints exact values, handy for parsing the bytes value into other scripts)
    Or you can choose the chain from the web interface (it will appear to be empty) and click the VIEW button.
    You’ll see the same output as the commands above.

    One last thing – if you want to reset the stats daily or whatever, add something like this to your cron jobs:

    iptables -Z accounting

    I hope you find this useful.

    Peter.

Viewing 1 post (of 1 total)