Thossapron Apinyapanha
2006-Nov-12  18:18 UTC
Script for get bandwidth statistic from iptable
i search a lot forum how to get bandwidth statistic such number of packet, total byte in each application protocol by using IPTABLES + netfilter-layer7

but i don't know which script for getting it in log file and use data after get it for plotting graph later

my IPTABLES command like this

iptables -t mangle -N all
iptables -t mangle -A POSTROUTING -j all
iptables -t mangle -A POSTROUTING -p udp --sport 4444 -j CLASSIFY --set-class 1:11
iptables -t mangle -A POSTROUTING -m layer7 --l7proto mms -j CLASSIFY --set-class 1:12
iptables -t mangle -A POSTROUTING -m layer7 --l7proto telnet -j CLASSIFY --set-class 1:13
iptables -t mangle -A POSTROUTING -m layer7 --l7proto ftp ftp-data -j CLASSIFY --set-class 1:14
iptables -t mangle -A POSTROUTING -m layer7 --l7proto http -j CLASSIFY --set-class 1:15

please advise me about perl script
Thossapron Apinyapanha wrote:
> i search a lot forum how to get bandwidth statistic such number of packet, total byte in each application protocol by using IPTABLES + netfilter-layer7
>
> but i don't know which script for getting it in log file and use data after get it for plotting graph later
>
> my IPTABLES command like this
>
> iptables -t mangle -N all
> iptables -t mangle -A POSTROUTING -j all
> iptables -t mangle -A POSTROUTING -p udp --sport 4444 -j CLASSIFY --set-class 1:11
> iptables -t mangle -A POSTROUTING -m layer7 --l7proto mms -j CLASSIFY --set-class 1:12
> iptables -t mangle -A POSTROUTING -m layer7 --l7proto telnet -j CLASSIFY --set-class 1:13
> iptables -t mangle -A POSTROUTING -m layer7 --l7proto ftp ftp-data -j CLASSIFY --set-class 1:14
> iptables -t mangle -A POSTROUTING -m layer7 --l7proto http -j CLASSIFY --set-class 1:15
>
> please advise me about perl script

Don't know about scripts as such - iptables -Lvn will give stats.

I think the above will need connmark as well to work properly. I haven't tried l7 but suspect the above rules will only classify the first packets of each connection.

Andy.
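
An added example, not part of the original thread: one way to turn the per-rule counters that the iptables listing reports into per-class byte rates that can be logged and plotted. It is written in Python rather than Perl, and it assumes the listing is taken with `iptables -t mangle -L POSTROUTING -v -n -x`. The sample listing is constructed, and the text shown for the layer7 match is an assumption.

```python
import re

# Constructed sample of `iptables -t mangle -L POSTROUTING -v -n -x` output;
# the exact text printed for the layer7 match is an assumption.
SAMPLE_T0 = """\
Chain POSTROUTING (policy ACCEPT 1200 packets, 950000 bytes)
    pkts      bytes target     prot opt in     out     source               destination
    1200   950000 all        all  --  *      *       0.0.0.0/0            0.0.0.0/0
      40     5200 CLASSIFY   udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:4444 CLASSIFY set 1:11
     300   420000 CLASSIFY   all  --  *      *       0.0.0.0/0            0.0.0.0/0            LAYER7 l7proto http CLASSIFY set 1:15
"""
# Second constructed sample, as if taken 60 seconds later.
SAMPLE_T1 = SAMPLE_T0.replace("300   420000", "360   480000")

CLASS_RE = re.compile(r"CLASSIFY set (\S+)")

def parse_counters(listing):
    """Return {class_id: (match_text, packets, bytes)} for CLASSIFY rules."""
    counters = {}
    for line in listing.splitlines():
        fields = line.split()
        # With -x, rule lines start with two exact integers: pkts and bytes.
        if len(fields) < 9 or not (fields[0].isdigit() and fields[1].isdigit()):
            continue
        m = CLASS_RE.search(line)
        if fields[2] != "CLASSIFY" or not m:
            continue
        # Everything after the destination column, up to the target options.
        match_text = " ".join(fields[9:]).split("CLASSIFY set")[0].strip()
        counters[m.group(1)] = (match_text, int(fields[0]), int(fields[1]))
    return counters

def byte_rates(prev, cur, interval_s):
    """Bytes per second per class between two samples interval_s apart."""
    rates = {}
    for cls, (_, _, cur_bytes) in cur.items():
        prev_bytes = prev.get(cls, ("", 0, 0))[2]
        # A smaller value means the counters were zeroed or the rules reloaded.
        delta = cur_bytes - prev_bytes if cur_bytes >= prev_bytes else cur_bytes
        rates[cls] = delta / interval_s
    return rates

if __name__ == "__main__":
    t0, t1 = parse_counters(SAMPLE_T0), parse_counters(SAMPLE_T1)
    for cls, rate in sorted(byte_rates(t0, t1, 60).items()):
        print(f"{cls}\t{t1[cls][0]}\t{rate:.1f} B/s")
```

The counters only cover packets that actually matched each rule, so the figures are only as complete as the classification itself.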