#ACTION  CHAIN  SOURCE  DESTINATION  PROTOCOL  DEST  SOURCE
#                                              PORT  PORT
DONE     -      eth0    eth1         tcp       80
DONE     -      eth1    eth0         tcp       -     80
/etc/shorewall/accounting
#ACTION     CHAIN  SOURCE             DESTINATION        PROTO  DEST     SOURCE   USER/  MARK
#                                                               PORT(S)  PORT(S)  GROUP
COMMENT vps1-in
vps1:COUNT  -      -                  192.168.123.11/32
COMMENT vps1-out
vps1:COUNT  -      192.168.123.11     -
COMMENT
DONE        vps1
COMMENT vps2-in
vps2:COUNT  -      -                  192.168.123.12/32
COMMENT vps2-out
vps2:COUNT  -      192.168.123.12/32  -
COMMENT
DONE        vps2
View the records:
shorewall show -x accounting
shorewall show vps1
Default chain: "accounting"
iptables -nL
Chain accounting (3 references)
target prot opt source destination
vps1 all -- 0.0.0.0/0 192.168.123.61 /* vps1-in */
vps1 all -- 192.168.123.61 0.0.0.0/0 /* vps1-out */
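An added example (not part of the original notes): totalling the per-direction counters of the commented rules above. It assumes the verbose listing that "shorewall show -x accounting" prints has the "iptables -nvxL" column layout (pkts, bytes, target, ...); the sample input and its counter values are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: sum packet/byte counters per rule comment (vps1-in, vps1-out, ...).
# Assumed input: `iptables -nvxL` style lines, as printed by `shorewall show -x accounting`.

# Constructed sample: rule layout follows the accounting file above, counters are made up.
sample_accounting() {
cat <<'EOF'
Chain accounting (3 references)
    pkts      bytes target     prot opt in     out     source               destination
     120    98304 vps1       all  --  *      *       0.0.0.0/0            192.168.123.11       /* vps1-in */
      80    40960 vps1       all  --  *      *       192.168.123.11       0.0.0.0/0            /* vps1-out */
      10     5120 vps2       all  --  *      *       0.0.0.0/0            192.168.123.12       /* vps2-in */
       7      700 vps2       all  --  *      *       192.168.123.12       0.0.0.0/0            /* vps2-out */
       3      300 vps2       all  --  *      *       192.168.123.12       0.0.0.0/0            /* vps2-out */
EOF
}

# Reads a listing on stdin and prints "<comment> <packets> <bytes>", sorted by comment.
# Header lines and rules without a /* comment */ are skipped; duplicate rules are summed.
sum_by_comment() {
    awk '
        $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ {
            tag = ""
            for (i = 3; i < NF; i++)
                if ($i == "/*") { tag = $(i + 1); break }
            if (tag == "") next
            pkts[tag] += $1
            bytes[tag] += $2
        }
        END { for (t in pkts) printf "%s %d %d\n", t, pkts[t], bytes[t] }
    ' | LC_ALL=C sort
}

# Prints the comments whose byte total exceeds the limit passed as $1.
over_limit() {
    sum_by_comment | awk -v limit="$1" '$3 > limit { print $1 }'
}

sample_accounting | sum_by_comment
```

On a live system, pipe the real listing into sum_by_comment instead of sample_accounting.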
Per-IP Accounting
On Ubuntu 12, several packages have to be installed:
- xtables-addons-common - Extensions targets and matches for iptables [tools, libs]
- xtables-addons-dkms - Extensions targets and matches for iptables
Installation:
........................................................................
xt_ACCOUNT.ko:
Running module version sanity check.
 - Original module
   - No original module exists within this kernel
 - Installation
   - Installing to /lib/modules/3.2.0-24-generic-pae/updates/dkms/
........................................................................
depmod.......
DKMS: install completed.
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
A reboot may be needed after installation!
Otherwise you will see "Out of memory, MINBUFISZE too small?"
With per-IP accounting, the counters survive a shorewall restart.
ACCOUNT(table,network)
The table name is your own choice.
To account for all traffic between the WAN and LAN interfaces:
#ACTION                         CHAIN  SOURCE  DEST  ...
ACCOUNT(net-vps,172.20.1.0/24)  -      eth0    eth1
ACCOUNT(net-vps,172.20.1.0/24)  -      eth1    eth0
View:
iptaccount -h
[-u] show kernel handle usage
[-h] free all kernel handles (experts only!)
[-a] list all table names
[-l name] show data in table <name>
[-f] flush data after showing
[-c] loop every second (abort with CTRL+C)
[-s] CSV output (for spreadsheet import)
iptaccount -a
libxt_ACCOUNT_cl userspace accounting tool v1.3
Found table: net-vps
Finished.
iptaccount -l net-vps
Showing table: net-vps
Run #0 - 0 items found
Finished.
shorewall show ipa
iptables -nL
Chain accounting (3 references)
target prot opt source destination
ACCOUNT all -- 0.0.0.0/0 0.0.0.0/0 ACCOUNT addr 192.168.123.0/24 tname net-vps
ACCOUNT all -- 0.0.0.0/0 0.0.0.0/0 ACCOUNT addr 192.168.123.0/24 tname net-vps