Welslau, Jan wrote (on 15 Jan 2002 at 18:57):
How do I have to set up IP accounting to see which client causes which traffic? I need a figure in MB of traffic in/out per day, per client. How can I implement this?
I have set up a chain for accounting (see /etc/init.d/ipacct, attached), and in it a rule with -j ACCEPT for each client on the LAN. The FORWARDING chain now jumps to this chain. The accounting data is read out and reset in /etc/cron.daily with iptables -L -v -Z. I am still tinkering with a Perl script that prepares the output somewhat more sensibly.

--
-- Tony Crawford
-- tc@crawfords.de
-- +49-3341-30 99 99
--

#!/bin/sh
# Script to start/stop IP accounting
# cribbed from http://www.linuxdoc.org/LDP/nag2/x-087-2-accounting.html

NETWORK=10.0.0.0
NETMASK=255.255.255.0

depmod -a
# /sbin/modprobe forward-fragment

case "$1" in
  start)
    echo -n "Starting IP accounting"
    iptables -N a-kids
    iptables -N a-adults
    iptables -N a-fred
    iptables -N a-tony

    # Stats are saved by each rule, so add a rule for each host:
    iptables -A a-kids -i ppp+ -d 10.0.0.21 -j ACCEPT
    iptables -A a-kids -o ppp+ -s 10.0.0.21 -j ACCEPT
    iptables -A a-kids -i ppp+ -d 10.0.0.22 -j ACCEPT
    iptables -A a-kids -o ppp+ -s 10.0.0.22 -j ACCEPT
    iptables -A a-kids -i ppp+ -d 10.0.0.23 -j ACCEPT
    iptables -A a-kids -o ppp+ -s 10.0.0.23 -j ACCEPT
    iptables -A a-kids -i ppp+ -d 10.0.0.26 -j ACCEPT
    iptables -A a-kids -o ppp+ -s 10.0.0.26 -j ACCEPT
    iptables -A a-kids -i ppp+ -d 10.0.0.48 -j ACCEPT
    iptables -A a-kids -o ppp+ -s 10.0.0.48 -j ACCEPT
    # Then a catch-all rule for any that slip through
    iptables -A a-kids -j ACCEPT

    # Again for adults:
    iptables -A a-adults -i ppp+ -d 10.0.0.4 -j ACCEPT
    iptables -A a-adults -o ppp+ -s 10.0.0.4 -j ACCEPT
    iptables -A a-adults -i ppp+ -d 10.0.0.5 -j ACCEPT
    iptables -A a-adults -o ppp+ -s 10.0.0.5 -j ACCEPT
    iptables -A a-adults -i ppp+ -d 10.0.0.6 -j ACCEPT
    iptables -A a-adults -o ppp+ -s 10.0.0.6 -j ACCEPT
    iptables -A a-adults -i ppp+ -d 10.0.0.44 -j ACCEPT
    iptables -A a-adults -o ppp+ -s 10.0.0.44 -j ACCEPT
    iptables -A a-adults -i ppp+ -d 10.0.0.55 -j ACCEPT
    iptables -A a-adults -o ppp+ -s 10.0.0.55 -j ACCEPT
    iptables -A a-adults -j ACCEPT

    # fred and tony each have several hosts
    iptables -A a-fred -j ACCEPT
    iptables -A a-tony -j ACCEPT

    # kids have addresses .16 to .31 except Marie who has 48
    iptables -A FORWARD -i ppp+ -d 10.0.0.16/28 -j a-kids
    iptables -A FORWARD -o ppp+ -s 10.0.0.16/28 -j a-kids
    iptables -A FORWARD -i ppp+ -d 10.0.0.48 -j a-kids
    iptables -A FORWARD -o ppp+ -s 10.0.0.48 -j a-kids

    # Till's machines have quite different IP numbers
    iptables -A FORWARD -i ppp+ -d 10.0.0.143 -j a-fred
    iptables -A FORWARD -o ppp+ -s 10.0.0.143 -j a-fred
    iptables -A FORWARD -i ppp+ -d 10.0.0.43 -j a-fred
    iptables -A FORWARD -o ppp+ -s 10.0.0.43 -j a-fred
    iptables -A FORWARD -i ppp+ -d 10.0.0.45 -j a-fred
    iptables -A FORWARD -o ppp+ -s 10.0.0.45 -j a-fred
    iptables -A FORWARD -i ppp+ -d 10.0.0.65 -j a-fred
    iptables -A FORWARD -o ppp+ -s 10.0.0.65 -j a-fred
    iptables -A FORWARD -i ppp+ -d 192.169.0.49 -j a-fred
    iptables -A FORWARD -o ppp+ -s 192.169.0.49 -j a-fred

    # Tony has .1 to .15, except Gracie (.2) and pumpkin (.3)
    iptables -A FORWARD -i ppp+ -d 10.0.0.2 -j ACCEPT
    iptables -A FORWARD -o ppp+ -s 10.0.0.2 -j ACCEPT
    iptables -A FORWARD -i ppp+ -d 10.0.0.3 -j ACCEPT
    iptables -A FORWARD -o ppp+ -s 10.0.0.3 -j ACCEPT
    # So now Tony: mask = 28 bits
    iptables -A FORWARD -i ppp+ -d 10.0.0.0/28 -j a-tony
    iptables -A FORWARD -o ppp+ -s 10.0.0.0/28 -j a-tony

    # Anything not to/from kids, fred or tony is to/from adults
    iptables -A FORWARD -i ppp+ -j a-adults
    iptables -A FORWARD -o ppp+ -j a-adults
    echo "."
    ;;

  stop)
    echo -n "Stopping IP accounting"
    # Can't delete a chain until all calls to it are deleted
    # Also, don't delete rules in a chain until calls to that chain are deleted

    # FIRST, delete calls to user chains in FORWARD chain:
    iptables -D FORWARD -i ppp+ -j a-adults
    iptables -D FORWARD -o ppp+ -j a-adults
    iptables -D FORWARD -i ppp+ -d 10.0.0.48 -j a-kids
    iptables -D FORWARD -o ppp+ -s 10.0.0.48 -j a-kids
    iptables -D FORWARD -i ppp+ -d 10.0.0.16/28 -j a-kids
    iptables -D FORWARD -o ppp+ -s 10.0.0.16/28 -j a-kids

    # Till's machines have quite different IP numbers
    iptables -D FORWARD -i ppp+ -d 10.0.0.143 -j a-fred
    iptables -D FORWARD -o ppp+ -s 10.0.0.143 -j a-fred
    iptables -D FORWARD -i ppp+ -d 10.0.0.43 -j a-fred
    iptables -D FORWARD -o ppp+ -s 10.0.0.43 -j a-fred
    iptables -D FORWARD -i ppp+ -d 10.0.0.45 -j a-fred
    iptables -D FORWARD -o ppp+ -s 10.0.0.45 -j a-fred
    iptables -D FORWARD -i ppp+ -d 10.0.0.65 -j a-fred
    iptables -D FORWARD -o ppp+ -s 10.0.0.65 -j a-fred
    iptables -D FORWARD -i ppp+ -d 192.169.0.49 -j a-fred
    iptables -D FORWARD -o ppp+ -s 192.169.0.49 -j a-fred

    # Tony has .1 to .15, except Gracie (.2) and pumpkin (.3):
    iptables -D FORWARD -i ppp+ -d 10.0.0.2 -j ACCEPT
    iptables -D FORWARD -o ppp+ -s 10.0.0.2 -j ACCEPT
    iptables -D FORWARD -i ppp+ -d 10.0.0.3 -j ACCEPT
    iptables -D FORWARD -o ppp+ -s 10.0.0.3 -j ACCEPT
    # So now Tony: mask = 28 bits
    iptables -D FORWARD -i ppp+ -d 10.0.0.0/28 -j a-tony
    iptables -D FORWARD -o ppp+ -s 10.0.0.0/28 -j a-tony

    # SECOND: Delete rules in subordinate chains
    iptables -D a-adults -i ppp+ -d 10.0.0.4 -j ACCEPT
    iptables -D a-adults -o ppp+ -s 10.0.0.4 -j ACCEPT
    iptables -D a-adults -i ppp+ -d 10.0.0.5 -j ACCEPT
    iptables -D a-adults -o ppp+ -s 10.0.0.5 -j ACCEPT
    iptables -D a-adults -i ppp+ -d 10.0.0.6 -j ACCEPT
    iptables -D a-adults -o ppp+ -s 10.0.0.6 -j ACCEPT
    iptables -D a-adults -i ppp+ -d 10.0.0.44 -j ACCEPT
    iptables -D a-adults -o ppp+ -s 10.0.0.44 -j ACCEPT
    iptables -D a-adults -i ppp+ -d 10.0.0.55 -j ACCEPT
    iptables -D a-adults -o ppp+ -s 10.0.0.55 -j ACCEPT
    iptables -D a-kids -i ppp+ -d 10.0.0.21 -j ACCEPT
    iptables -D a-kids -o ppp+ -s 10.0.0.21 -j ACCEPT
    iptables -D a-kids -i ppp+ -d 10.0.0.22 -j ACCEPT
    iptables -D a-kids -o ppp+ -s 10.0.0.22 -j ACCEPT
    iptables -D a-kids -i ppp+ -d 10.0.0.23 -j ACCEPT
    iptables -D a-kids -o ppp+ -s 10.0.0.23 -j ACCEPT
    iptables -D a-kids -i ppp+ -d 10.0.0.26 -j ACCEPT
    iptables -D a-kids -o ppp+ -s 10.0.0.26 -j ACCEPT
    iptables -D a-kids -i ppp+ -d 10.0.0.48 -j ACCEPT
    iptables -D a-kids -o ppp+ -s 10.0.0.48 -j ACCEPT
    iptables -D a-kids -j ACCEPT
    iptables -D a-adults -j ACCEPT
    iptables -D a-fred -j ACCEPT
    iptables -D a-tony -j ACCEPT

    # THIRD: Delete the custom chains
    iptables -X a-kids
    iptables -X a-adults
    iptables -X a-fred
    iptables -X a-tony
    echo "."
    ;;

  restart)
    $0 stop ; sleep 1 ; $0 start
    ;;
esac

exit 0
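
One way to turn the daily counter listing into the per-client in/out figures asked for, as an added example (not the Perl script mentioned in the reply, and not part of the original post). It assumes the `-v -n -x` listing layout of iptables, the a-* chain names and ppp+ interface from the script above, and 1 MB = 1048576 bytes; the sample listing is constructed.

```shell
#!/bin/sh
# Added example. Real use, as root from /etc/cron.daily:
#   iptables -L -v -n -x -Z | summarize
# -x prints exact byte counts (no K/M suffixes), -n skips DNS lookups.
# Output columns: client  MB-in  MB-out  MB-without-direction
summarize() {
    LC_ALL=C awk '
    /^Chain / { chain = $2; next }
    # Count only the accounting chains (a-*). The FORWARD jump rules
    # saw the same packets, so including them would double the totals.
    chain !~ /^a-/ || $1 !~ /^[0-9]+$/ { next }
    {
        bytes = $2; iface_in = $6; iface_out = $7; src = $8; dst = $9
        if (iface_in == "ppp+" && dst != "0.0.0.0/0") {
            key = dst; rx[key] += bytes          # inbound to a client
        } else if (iface_out == "ppp+" && src != "0.0.0.0/0") {
            key = src; tx[key] += bytes          # outbound from a client
        } else {
            key = chain ":unmatched"; other[key] += bytes   # catch-all rule
        }
        seen[key] = 1
    }
    END {
        for (k in seen)
            printf "%s %.2f %.2f %.2f\n", k,
                   rx[k] / 1048576, tx[k] / 1048576, other[k] / 1048576
    }' | LC_ALL=C sort
}

# Constructed sample of "iptables -L -v -n -x" output (not real data).
sample_listing() {
cat <<'EOF'
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination
    6100  8912896 a-kids     all  --  ppp+   *       0.0.0.0/0            10.0.0.16/28
    1300  1572864 a-kids     all  --  *      ppp+    10.0.0.16/28         0.0.0.0/0

Chain a-kids (2 references)
    pkts      bytes target     prot opt in     out     source               destination
    3500  5242880 ACCEPT     all  --  ppp+   *       0.0.0.0/0            10.0.0.21
     900  1048576 ACCEPT     all  --  *      ppp+    10.0.0.21            0.0.0.0/0
    1100  1572864 ACCEPT     all  --  ppp+   *       0.0.0.0/0            10.0.0.22
     400   524288 ACCEPT     all  --  *      ppp+    10.0.0.22            0.0.0.0/0
    1500  2097152 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0
EOF
}

sample_listing | summarize
```

A non-zero figure on an `:unmatched` line means traffic reached a chain's catch-all rule, i.e. a host in that address range has no per-host rule yet.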