Hmmmm My dirty wayout for traffic accounting is (My router is WISP with no shorwall) :
1. Create Userdefined Chain for every ip-address to be monitored. i.e for ip address of 192.168.0.2 --> iptables -N 000002I --> prepared for inbound/download traffic --> iptables -N 000002O --> prepared for outbound/upload traffic iptables -I FORWARD -d 192.168.0.2 -j 00000I iptables -I FORWARD -s 192.168.0.2 -j 00000O 2. use the passtrough methode of net-snmpd extention (can be read inside the snmpd.conf) 3. modify the passtest script case "$RET" in $PLACE.1) echo "string"; echo "INBOUND TRAFFIC ACCOUNTING"; exit 0 ;; $PLACE.1.1) echo "counter"; iptables -L FORWARD -vnx |grep 000002I |tr -s " " "X" |cut -f3 -d"X"; exit 0 ;; $PLACE.2) echo "string"; echo "OUTBOUND TRAFFIC ACCOUNTING"; exit 0 ;; $PLACE.2.1) echo "counter"; iptables -L FORWARD -vnx |grep 000002O |tr -s " " "X" |cut -f3 -d"X"; exit 0 ;; esac 4. set mrtg cfg file to get OID of 1.3.6.1.4.1.2021.255.1.1 and 1.3.6.1.4.1.2021.255.2.1 from 192.168.0.1 (my gateway) the result is a traffic monitoring of my workstation (winblows with no snmp agent) Remember .. it's only a dirty codes by a dumb bash scripter .... me sincerely -bino- ----- Original Message ----- From: "Tom Eastep" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Friday, November 14, 2003 3:56 AM Subject: Re: [leaf-user] Accounting Bering 1.0 Shorewall 1.3 / 1.4 > Hi Folks, > a got a problem with accounting in shorewall 1.4. > The counters _remain_ at zero after surfing some > sites. > > "shorewall show web": > > Shorewall-1.4 Chain web at bering - Thu Nov 13 15:38:06 CET 2003 > Counters reset Thu Nov 13 15:18:40 CET 2003 > Chain web (2 references) > pkts bytes target prot opt in out source destination 0 > 0 tcp -- eth0 eth1 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 > 0 0 tcp -- eth1 eth0 0.0.0.0/0 0.0.0.0/0 tcp spt:80 > 0 0 RETURN ah -- * * 0.0.0.0/0 0.0.0.0/0 So is eth0 your internal interface and eth1 your external interface? That would be required for the above rules to account for web surfing. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline \ http://www.shorewall.net Washington, USA \ [EMAIL PROTECTED] ------------------------------------------------------- This SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, MySQL, WebDAV, and more! http://www.apachecon.com/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ------------------------------------------------------- This SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, MySQL, WebDAV, and more! http://www.apachecon.com/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
