Hello.

I have difficulties setting up accounting with shorewall.
This is what I want to do:
My server has one interface eth0, which is connected to the internet. There's no LAN.
I want to count all in- and outbound tcp-traffic through that interface except the traffic to/from one single IP which should not be counted.

Is there a way to realize this?

John Manson wrote:
> Hello.
>
> I have difficulties setting up accounting with
> shorewall.
> This is what I want to do:
> My server has one interface eth0, which is connected
> to the internet. There's no LAN.
> I want to count all in- and outbound tcp-traffic
> through that interface except the traffic to/from one
> single IP which should not be counted.
>
> Is there a way to realize this?

As I told you on IRC, I really hate writing people's rules for them but here goes (I'm taking you literally that you only want to count TCP packets and not other protocols):

    COUNT   -   eth0:!<ip addr>   -                 tcp
    COUNT   -   -                 eth0:!<ip addr>   tcp

There are other more complex ways as well:

    DONE    -   eth0:<ipaddr>
    DONE    -   -                 eth0:<ipaddr>
    COUNT   -   eth0              -                 tcp
    COUNT   -   -                 eth0              tcp

The latter works well if you want to count other traffic (by adding additional rules). Any COUNT rules after the two DONE rules will exclude traffic to/from <ipaddr>. Any COUNT rules before the DONE rules will include traffic to/from <ipaddr>.

-Tom
--
Tom Eastep     \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
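
The ordering point in the reply above can be checked with a small model. This is an added example, not part of the original thread and not Shorewall code: it is a simplified Python simulation that assumes COUNT records a match and continues while DONE records a match and stops traversal. The addresses, packet sizes and all function names are constructed for illustration.

```python
# Added example: simplified model of how accounting rules are traversed.
# COUNT counts a match and continues; DONE counts it and stops traversal.
from ipaddress import ip_address

EXCLUDED = "192.0.2.10"   # constructed stand-in for <ipaddr>
SERVER = "203.0.113.5"    # constructed address of the server's eth0

def parse(text):
    """Parse 'ACTION CHAIN SOURCE DEST PROTO' lines; omitted columns mean '-'."""
    rules = []
    for line in text.strip().splitlines():
        action, _chain, src, dst, proto = (line.split() + ["-"] * 5)[:5]
        rules.append({"action": action, "src": src, "dst": dst, "proto": proto, "bytes": 0})
    return rules

def side_matches(spec, iface, addr):
    """Match '-', 'iface', 'iface:addr' or 'iface:!addr' against one side of a packet."""
    if spec == "-":
        return True
    want_if, _, want_addr = spec.partition(":")
    if want_if != iface:
        return False
    if not want_addr:
        return True
    negate = want_addr.startswith("!")
    return (ip_address(addr) == ip_address(want_addr.lstrip("!"))) != negate

def counted_bytes(text, packets):
    """Total bytes recorded by COUNT rules after all packets pass through the rules."""
    rules = parse(text)
    for iface_in, iface_out, src, dst, proto, size in packets:
        for r in rules:
            if (side_matches(r["src"], iface_in, src) and side_matches(r["dst"], iface_out, dst)
                    and r["proto"] in ("-", proto)):
                r["bytes"] += size
                if r["action"] == "DONE":
                    break
    return sum(r["bytes"] for r in rules if r["action"] == "COUNT")

# Constructed traffic: (in-iface, out-iface, src, dst, proto, bytes)
PACKETS = [
    ("eth0", None, "198.51.100.7", SERVER, "tcp", 1000),
    (None, "eth0", SERVER, "198.51.100.7", "tcp", 400),
    ("eth0", None, EXCLUDED, SERVER, "tcp", 5000),
    (None, "eth0", SERVER, EXCLUDED, "tcp", 3000),
    ("eth0", None, "198.51.100.7", SERVER, "udp", 200),
]
NEGATED = f"COUNT - eth0:!{EXCLUDED} - tcp\nCOUNT - - eth0:!{EXCLUDED} tcp"
DONE_FIRST = f"DONE - eth0:{EXCLUDED}\nDONE - - eth0:{EXCLUDED}\nCOUNT - eth0 - tcp\nCOUNT - - eth0 tcp"
COUNT_FIRST = f"COUNT - eth0 - tcp\nCOUNT - - eth0 tcp\nDONE - eth0:{EXCLUDED}\nDONE - - eth0:{EXCLUDED}"

if __name__ == "__main__":
    for name, rules in [("negated", NEGATED), ("DONE first", DONE_FIRST), ("COUNT first", COUNT_FIRST)]:
        print(name, counted_bytes(rules, PACKETS))
```

Both the negated form and the DONE-first form leave the excluded host out of the TCP total, while placing the COUNT rules ahead of the DONE rules counts it.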