Accounting with iptables vs. snmp

Stefan-Michael. Guenther (in-put GbR) S.Guenther at
Tue Apr 26 13:45:44 CEST 2005


using iptables I have setup a traffic accounting on one of our client's 

iptables -A INPUT -i $WAN -j LOG --log-level debug
iptables -A OUTPUT -o $WAN -j LOG --log-level debug
iptables -A FORWARD -j LOG --log-level debug

syslogd collects the entries in a single file which is analysed daily.

The results corresponds to the amount of data I get with "iptables -L -v -n" .

The provider of our client uses snmp on his router to calculate the traffic.

Strange, but true: The numbers are never the same, sometimes iptables logs 
more traffic, sometimes snmp. The differences are between 1 and 25 %.

Obviously someone is doing something wrong. The provider is one of Germany's 
big player, so I guess I made the mistake. But where and why?

Thanks for any hint.


in-put GbR - Das Linux-Systemhaus
Stefan-Michael Guenther
Moltkestrasse 49     D-76133 Karlsruhe
Tel./Fax : +49 (0)721 / 83044 - 98/93

More information about the netfilter mailing list