Hi, I've set up a few rules to monitor the incoming/outgoing bandwidth on a
per-IP basis. My problem is that I think iptables is giving me an incorrect
byte count. Now, I'm still new to all of this and I might have made a few
errors when I set up the rules.

Here's what I did.

I have 4 interfaces in my box.

eth0 : gateway
eth1 : 192.168.25.1/24 { Masquerade } This is the interface that I want to
monitor; the rest I don't care about.
eth2 : 192.168.1.1/24 { Masquerade }
eth3 : 193.220.24.192/26 { This is just forwarding packets }

echo "1" > /proc/sys/net/ipv4/ip_forward

$IPTABLES -F
$IPTABLES -X
$IPTABLES -P FORWARD DROP

$IPTABLES -t nat -A POSTROUTING -s 192.168.25.1/24 -o $EXTIF -j MASQUERADE
$IPTABLES -t nat -A POSTROUTING -s 192.168.1.1/24 -o $EXTIF -j MASQUERADE

#######################################################
Here's an example of an IP that I want to monitor the bandwidth on.
#######################################################
$IPS -N 192.168.25.2
$IPS -A FORWARD -i eth0 -s 0/0 -d 192.168.25.2 -m state --state ESTABLISHED,RELATED -j 192.168.25.2
$IPS -A FORWARD -s 192.168.25.2 -o eth0 -m mac --mac-source 00:02:2d:0f:ad:ef -j 192.168.25.2
$IPS -A 192.168.25.2 -i eth0 -d 192.168.25.2 -j ACCEPT
$IPS -A 192.168.25.2 -o eth0 -s 192.168.25.2 -j ACCEPT
########################################################

$IPTABLES -A FORWARD -i eth0 -o eth2 -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i eth0 -o eth3 -m state --state ESTABLISHED,RELATED -j ACCEPT

$IPTABLES -A FORWARD -i eth2 -o eth0 -j ACCEPT
$IPTABLES -A FORWARD -i eth3 -o eth0 -j ACCEPT
$IPTABLES -A FORWARD -j DROP

#########################################################

Now, if I, let's say, download a 1m file, it only reports the following data:

[root@srv4 fire]# iptables -L 192.168.25.24 -x -v
Chain 192.168.25.24 (2 references)
    pkts      bytes target     prot opt in     out     source               destination
       4        384 ACCEPT     all  --  eth0   any     anywhere             192.168.25.24
       0          0 ACCEPT     all  --  any    eth0    192.168.25.24        anywhere

Your help will be much appreciated.
Kind Regards
    Stephan
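
An added example, not part of Stephan's post, that turns the `iptables -L <chain> -x -v` listing format shown above into per-direction byte totals for one monitored address, and reports ACCEPT rows that count traffic in neither direction so a rule that never fires is visible. The chain listing it reads is constructed for the example; the external interface name eth0 comes from the post.

```python
from typing import Dict

# Constructed `iptables -L 192.168.25.24 -x -v` listing in the format of the post;
# the counter values are made up for this example.
SAMPLE_LISTING = """\
Chain 192.168.25.24 (2 references)
    pkts      bytes target     prot opt in     out     source               destination
     812    1048576 ACCEPT     all  --  eth0   any     anywhere             192.168.25.24
     409      21268 ACCEPT     all  --  any    eth0    192.168.25.24        anywhere
"""

# Without -x, iptables abbreviates counters with K/M/G in powers of 1000.
_SUFFIX = {"K": 1000, "M": 1000 ** 2, "G": 1000 ** 3}


def parse_counter(token: str) -> int:
    """Parse a pkts/bytes column value; exact with -x, abbreviated otherwise."""
    if token[-1] in _SUFFIX:
        return int(token[:-1]) * _SUFFIX[token[-1]]
    return int(token)


def per_ip_traffic(listing: str, ip: str, ext_if: str = "eth0") -> Dict[str, int]:
    """Sum the ACCEPT counters of a per-IP accounting chain.

    'in'  = arrived on ext_if, destined to ip (download direction)
    'out' = left via ext_if, sourced from ip (upload direction)
    ACCEPT rows matching neither pattern are summed under 'unmatched_bytes'.
    """
    totals = {"in_pkts": 0, "in_bytes": 0, "out_pkts": 0, "out_bytes": 0,
              "unmatched_bytes": 0}
    for line in listing.splitlines():
        f = line.split()
        # Data rows have 9 columns: pkts bytes target prot opt in out src dst.
        # The "Chain ..." line and the column header do not start with a digit.
        if len(f) < 9 or not f[0][0].isdigit():
            continue
        pkts, byts, target, _prot, _opt, iface_in, iface_out, src, dst = f[:9]
        if target != "ACCEPT":
            continue
        if iface_in == ext_if and dst == ip:
            totals["in_pkts"] += parse_counter(pkts)
            totals["in_bytes"] += parse_counter(byts)
        elif iface_out == ext_if and src == ip:
            totals["out_pkts"] += parse_counter(pkts)
            totals["out_bytes"] += parse_counter(byts)
        else:
            totals["unmatched_bytes"] += parse_counter(byts)
    return totals


if __name__ == "__main__":
    print(per_ip_traffic(SAMPLE_LISTING, "192.168.25.24"))
```

On a live box, feed it the output of `iptables -L <chain> -x -v` for each per-IP chain; a large jump counter in FORWARD next to small totals here means packets enter the chain but fall through its ACCEPT rules.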