Bandwidth monitoring

Robby robby@obsidian.co.za
Mon, 21 Jan 2002 19:13:30 +0200


On Mon, Jan 21, 2002 at 06:00:24PM, Cyril Porteret wrote: 
> OK, you use rrdtool to process the data, but how do you grab the data?

I have used the same engine that creates my firewall rules (a really
large, complex set of for and while loops) from a bunch of config files
which are really bash arrays to, instead of creating rules, rather grep
for the unique rule. I then pass each port's data specified in the rule
to a function which updates my rrd database. So I have a different rrd
database for each rule (which consists of a source and destination IP
and a number of allowed ports, one of which may be 0:).

> Do you set a rule in the FORWARD chain for each local IP?

Basically, in my FORWARD chain I have a chain for each of my subnets and
DMZ, one incoming and one outgoing. I masquerade my LANs but not my
DMZs, but I get the data from the FORWARD chain as the masqueraded traffic
still needs to pass through it (and therefore get accounted). I have a
DENY all policy in all my major chains, so everything that goes through
my firewall I must specifically allow.

> How can you get the bandwidth used for each NATed IP?

What kind of NAT? As far as I know every type travels through the
FORWARD chain except maybe the OUTPUT chain in PRE and POSTROUTING.

But even in the nat table, accounting information is given.

> Thanks
> 
> Cyril.

-- 

Robert Mc Donald - Support Consultant
Obsidian Systems - Www.Obsidian.Co.Za

Contact: 011-792-6500
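
The approach described in this message (pick each rule out of the FORWARD chain listing and feed its byte counter to a per-rule RRD), as an added example that is not Robert's own script. The sample listing, the "src dst dport" rule list and all function names are constructed for illustration, and the rrdtool commands are printed rather than run.

```shell
#!/bin/sh
# Constructed sample in the format of `iptables -L FORWARD -n -v -x`
# (-x gives exact byte counts). Addresses and counters are made up.
sample_listing() {
cat <<'EOF'
Chain FORWARD (policy DROP 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination
    1200   834221 ACCEPT     tcp  --  *      *       192.168.1.10         0.0.0.0/0            tcp dpt:80
      40     5120 ACCEPT     tcp  --  *      *       192.168.1.10         0.0.0.0/0            tcp dpt:8080
     310    99000 ACCEPT     tcp  --  *      *       192.168.1.11         10.0.0.5             tcp dpt:25
EOF
}

# rule_bytes SRC DST DPORT: read a listing on stdin and print the byte
# counter of the rule matching all three. The port token is compared
# exactly, so dpt:80 never matches dpt:8080. Returns 1 when no rule
# matches, so a stale config entry is not recorded as zero traffic.
rule_bytes() {
    awk -v src="$1" -v dst="$2" -v tok="dpt:$3" '
        $8 == src && $9 == dst {
            for (i = 10; i <= NF; i++)
                if ($i == tok) { print $2; found = 1; exit }
        }
        END { exit !found }'
}

# rrd_file SRC DST DPORT: one database per rule; "/" from CIDR masks is
# replaced so the name is a plain file name.
rrd_file() {
    printf '%s_%s_%s.rrd\n' "$1" "$2" "$3" | tr '/' '-'
}

# update_line SRC DST DPORT: build the rrdtool command for one rule from
# the listing on stdin. "N" is rrdtool shorthand for the current time.
update_line() {
    bytes=$(rule_bytes "$1" "$2" "$3") || return 1
    printf 'rrdtool update %s N:%s\n' "$(rrd_file "$1" "$2" "$3")" "$bytes"
}

# Rules as "src dst dport" lines, a hypothetical stand-in for the config
# arrays. On a live firewall, replace sample_listing with the iptables call.
while read -r src dst port; do
    sample_listing | update_line "$src" "$dst" "$port" ||
        echo "no matching rule: $src $dst $port" >&2
done <<'EOF'
192.168.1.10 0.0.0.0/0 80
192.168.1.11 10.0.0.5 25
EOF
```

Reloading the rule set zeroes the counters; an RRD COUNTER data source reads that drop as a wrap, so a DERIVE source with a minimum of 0 avoids the false spike.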