[plug] IP Accounting
Brad Campbell
brad at seme.com.au
Thu Mar 30 14:25:11 WST 2000
Thanks for all your replies regarding counting bytes..
This is what I did, could I have some comments on how dirty it is :p)
This is where I modified my firewall script that was sent to me kindly
a couple of months ago..
#--------------------------------------------------------------Masquerading -
counter=1
maximum=20
echo -n "Masquerading..."
# don't masquerade internal-internal traffic
$IPCHAINS -A forward -s $INTERNALNET -d $INTERNALNET -j ACCEPT
echo -n "..."
# don't Masquerade external interface direct
$IPCHAINS -A forward -s $LOCALNET -d $REMOTENET -j ACCEPT
echo -n "..."
# masquerade all internal IP's going outside
while [ $counter -le $maximum ] ; do
$IPCHAINS -A forward -s 192.168.1.$counter -d $REMOTENET -j MASQ
counter=$((counter+1))
done
#$IPCHAINS -A forward -s $INTERNALNET -d $REMOTENET -j MASQ
echo -n "..."
# set Default rule on MASQ chain to Deny
$IPCHAINS -P forward DENY
echo -n "..."
#-------------------------------------------------------------------
All this does is create entries in the forward table from 192.168.1.1
to 192.168.1.20, then I can see the byte count for each one individually.
in fact, if I
watch ipchains -vxnL forward
I get a real-time look at who is using all the bandwidth...
Because all the firewall chains are flushed every time the link comes up,
have in my ip-down script
ipchains -vxnL forward > /usr/local/ipdata/`date +%k.%M_%d.%m.%Y`
and I get a log of all data across the network for every dialup session.
Cheers for all your help..
Brad..
More information about the plug
mailing list