iptables + port traffic - Networking

This is a discussion on iptables + port traffic - Networking ; how can i make iptables dump the amount of traffic going through specific ports into a file, so that a prog like iam (http:// www.intevation.de/iam/ ) can parse the contents and display the port traffic. or does anyone know a ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: iptables + port traffic

  1. iptables + port traffic

    how can i make iptables dump the amount of traffic going through
    specific ports into a file, so that a prog like iam (http://
    www.intevation.de/iam/) can parse the contents and display the port
    traffic.

    or

    does anyone know a better way to measure port traffic?

    thx for the help

    stephane


  2. Re: iptables + port traffic

    Rufman wrote:
    > how can i make iptables dump the amount of traffic going through
    > specific ports into a file, so that a prog like iam (http://
    > www.intevation.de/iam/) can parse the contents and display the port
    > traffic.
    >
    > or
    >
    > does anyone know a better way to measure port traffic?


    I dump select netfilter traffic into a special syslog log file (for
    participation in DShield) with the following syslog.conf line.

    kern.debug;kern.!info /var/log/dshield

    Then in iptables I define custom log targets like

    -A logaccept -j LOG --log-level debug --log-prefix "iptables ACPT: "
    -A logaccept -j ACCEPT

    There are debug messages from the kernel other than netfilter/iptables,
    so I still have to filter the log file before I send it through
    DShield's parser. You'll probably have to do the same.

+ Reply to Thread