Bandwidth tracking per user
Curtis Hawthorne
mrperson at mrperson.org
Wed Jan 11 20:56:42 CET 2006
Hi all,
I'm trying to put together a solution for tracking the bandwidth usage
of each local user on a shared server. At first, I thought I could just
create a rule for each user with the --uid-owner match on all traffic
and look at the counter for that rule. But, I found out it will only
work on LOCAL_OUT or POST_ROUTING. So, the solution I came up with was
to use the --uid-owner to set a mark on the connection on an outgoing
packet and then use that mark to track the incoming traffic. Here's an
example of what I was doing to track root's incoming and outgoing traffic:

    iptables -t filter -A OUTPUT -m owner --uid-owner 0 -j CONNMARK --set-mark 0
    iptables -A INPUT -m connmark --mark 0

This seems like a strange way to do things to me. Is there a better way
to track total bandwidth usage for local users, or will this way work?
Thanks!
Curtis H.
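
The connmark approach described in the message above, as an added example that is not part of the original post: a script that prints per-user accounting rules and reads the byte counters back from `iptables-save -c` output. The uid+1 mark mapping, the use of the mangle table, the `acct-in-`/`acct-out-` comment tags and the sample counter output are assumptions made for this illustration.

```shell
#!/bin/sh
# Mark 0 is what every unmarked connection carries, so "--mark 0" would
# count all unmarked traffic. Assumption of this sketch: uid N gets mark
# N+1 and no other rule set on the host uses CONNMARK.
mark_for_uid() { echo $(( $1 + 1 )); }

# Print the rules for one uid. Nothing is executed here; pipe the output
# to sh as root to install the rules.
acct_rules() {
    uid=$1
    mark=$(mark_for_uid "$uid")
    # Tag the connection when a packet owned by this uid leaves the host.
    echo "iptables -t mangle -A OUTPUT -m owner --uid-owner $uid -j CONNMARK --set-mark $mark"
    # Target-less rules only count. The OUTPUT counter comes after the
    # rule above so the first packet of a connection is already marked.
    echo "iptables -t mangle -A OUTPUT -m connmark --mark $mark -m comment --comment acct-out-$uid"
    echo "iptables -t mangle -A INPUT -m connmark --mark $mark -m comment --comment acct-in-$uid"
}

# Read `iptables-save -c -t mangle` output on stdin, print "uid dir bytes".
usage_report() {
    awk 'match($0, /acct-(in|out)-[0-9]+/) {
        split(substr($0, RSTART, RLENGTH), tag, "-")
        cnt = $1; gsub(/[^0-9:]/, "", cnt)   # "[pkts:bytes]" -> "pkts:bytes"
        split(cnt, c, ":")
        print tag[3], tag[2], c[2]
    }'
}

# Constructed sample of counter output for uid 0 and uid 1000.
SAMPLE='*mangle
:INPUT ACCEPT [900:700000]
[10:840] -A OUTPUT -m owner --uid-owner 0 -j CONNMARK --set-xmark 0x1/0xffffffff
[10:840] -A OUTPUT -m connmark --mark 0x1 -m comment --comment "acct-out-0"
[12:9000] -A INPUT -m connmark --mark 0x1 -m comment --comment "acct-in-0"
[80:4096] -A OUTPUT -m connmark --mark 0x3e9 -m comment --comment "acct-out-1000"
[120:98304] -A INPUT -m connmark --mark 0x3e9 -m comment --comment "acct-in-1000"
COMMIT'

acct_rules 0
printf '%s\n' "$SAMPLE" | usage_report
```

A connection opened from outside toward a user's listening socket stays unmarked until a packet owned by that user has left the host, so its earliest inbound packets are not counted.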