[plug] IP accounting
John Breen
john at johnbreen.id.au
Mon Mar 29 20:24:30 WST 2004
i've got a fairly simple network setup here, with 2 networks and a
bridge/gateway/router box between them. There's 2 dialup users on one of
the machines (NOT the gateway), my network looks something like:
10.1.1.3 winslows box
10.1.1.2 debian server
10.1.1.1 AND 10.1.2.1 AND 202.x.x.x. gateway
10.1.2.2 mailserver/webserver
10.1.2.3 dialin server
10.1.2.4 AND 10.1.2.5 modem on dialin server
now, i want to be able to log traffic flowing through the dialin server and
modem, which I can do basically with ipchains (it works, don't fix it :))
by adding some rules like
ipchains -A input -s 10.1.2.4 -d 10.1.2.2 # everything to the local
web/mail server
ipchains -A input -s 10.1.2.4 -d 10.1.2.0/24 # everything to anywhere
else on the 10.1.2 network
ipchains -A input -s 10.1.2.4 -d 10.1.1.0/24 # everything to anywhere on
the 10.1.1 network
ipchains -A input -s 10.1.2.4 # anything else from 10.1.2.4
(these are only FROM the modem side - another set of rules going the other
way is also in place)
ok, fine BUT, i use an isp which gives free and non-free traffic where free
is anything on the isp's local network
(that bit's easy), or anything on the WAIX. what I need to do is to
determine if traffic's flowing from 10.1.2.4 through the WAIX to get to
where it's going in which case it's also free and should be logged
differently to anything else. So far as I can see, I either need to find
out every IP that goes through the WAIX to get to OR use something other
than ipchains for my accounting needs. Or am I completely wrong here, and
there is another way that might be less laborious?
cheers,
JB
More information about the plug
mailing list