Re: [LARTC] Count no of hosts

2003-02-07 Thread Martin A. Brown

 : Is there any way to dynamically measure the no. of concurrent internal
 : hosts (IPs) utilising the Linux NAT gateway/forwarding box?

If you have root level access to the box, you can use a bit of shell to
determine the number of concurrent "clients" in any given instant.  This
assumes, of course, that you don't have an internally SNATed/masqueraded
network which {c,w}ould hide more clients.

ipchains?

# /sbin/ipchains -MnL | awk '/[0-9][0-9]:[0-9][0-9]/{print $3}' \
>  | sort | uniq | wc -l

iptables?

# awk '/(ESTABLISHED|ASSURED)/{print $5}' /proc/net/ip_conntrack \
>  | sort | uniq

Naturally with iptables, you'll need to know a bit more about your use of
the connection tracking to disambiguate any inbound or internal to DMZ
connections to accurately count your SNAT/MASQUERADEd connections.

The above shell is not designed with efficiency in mind (obviously), but
you get the idea.

-Martin

-- 
Martin A. Brown --- SecurePipe, Inc. --- [EMAIL PROTECTED]

___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
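
The disambiguation mentioned in the reply above, as an added example (not part of the original thread): it takes the first src= on each tracked entry, which is the original-direction source whether or not the line carries a TCP state column, and keeps only sources inside the internal network. The sample lines, the 192.168.1. prefix and the function names are constructed for illustration.

```sh
#!/bin/sh
# Added example: count distinct internal hosts seen by connection tracking.

# Constructed sample in /proc/net/ip_conntrack layout (documentation addresses).
sample_conntrack() {
cat <<'EOF'
tcp      6 431999 ESTABLISHED src=192.168.1.10 dst=203.0.113.5 sport=1025 dport=80 src=203.0.113.5 dst=198.51.100.1 sport=80 dport=1025 [ASSURED] use=1
tcp      6 431990 ESTABLISHED src=192.168.1.10 dst=203.0.113.9 sport=1026 dport=443 src=203.0.113.9 dst=198.51.100.1 sport=443 dport=1026 [ASSURED] use=1
udp      17 170 src=192.168.1.11 dst=203.0.113.53 sport=1030 dport=53 src=203.0.113.53 dst=198.51.100.1 sport=53 dport=1030 [ASSURED] use=1
tcp      6 100 SYN_SENT src=192.168.1.12 dst=203.0.113.7 sport=1031 dport=25 [UNREPLIED] src=203.0.113.7 dst=198.51.100.1 sport=25 dport=1031 use=1
tcp      6 431000 ESTABLISHED src=203.0.113.20 dst=198.51.100.1 sport=40000 dport=22 src=198.51.100.1 dst=203.0.113.20 sport=22 dport=40000 [ASSURED] use=1
udp      17 25 src=192.168.1.13 dst=203.0.113.53 sport=1040 dport=53 [UNREPLIED] src=203.0.113.53 dst=198.51.100.1 sport=53 dport=1040 use=1
EOF
}

# Read conntrack lines on stdin; print each distinct original-direction
# source address that begins with the textual prefix given as $1.
nat_hosts() {
    awk -v pfx="$1" '
        /ESTABLISHED|ASSURED/ {
            # The first src= field is the original (pre-NAT) source; its
            # column differs between TCP and UDP lines, so search for it.
            for (i = 1; i <= NF; i++)
                if ($i ~ /^src=/) {
                    ip = substr($i, 5)
                    if (index(ip, pfx) == 1 && !(ip in seen)) {
                        seen[ip] = 1
                        print ip
                    }
                    break
                }
        }'
}

# Number of distinct internal hosts with an established/assured entry.
count_nat_hosts() {
    nat_hosts "$1" | wc -l | tr -d ' '
}

# On a live gateway: count_nat_hosts 192.168.1. < /proc/net/ip_conntrack
sample_conntrack | count_nat_hosts 192.168.1.
```

The trailing dot in the prefix keeps 192.168.1. from also matching 192.168.10.x; the inbound SSH entry and the unreplied entries in the sample are not counted.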



Re: [LARTC] Count no of hosts

2003-02-06 Thread Stef Coene
On Friday 07 February 2003 08:35, CLS Prasad wrote:
> Is there any way to dynamically measure the no. of concurrent internal hosts
> (IPs) utilising the Linux NAT gateway/forwarding box?
> The idea is to measure the no. of hosts actively using the gateway. I do not
> want to measure the no. of TCP connections, which iptraf does, because it does
> not give the actual no. of hosts.
:)
There was an article on Slashdot about the same subject.  It can be done if you 
really want to do so.
http://slashdot.org/article.pl?sid=03/02/05/2129218&mode=thread&tid=95

Stef

-- 

[EMAIL PROTECTED]
 "Using Linux as bandwidth manager"
 http://www.docum.org/
 #lartc @ irc.oftc.net




[LARTC] Count no of hosts

2003-02-06 Thread CLS Prasad
Is there any way to dynamically measure the no. of concurrent internal hosts 
(IPs) utilising the Linux NAT gateway/forwarding box?
The idea is to measure the no. of hosts actively using the gateway. I do not 
want to measure the no. of TCP connections, which iptraf does, because it does 
not give the actual no. of hosts.



