Hello,
so my setup with kvm is perfect, thank you very Tom for your help so far!
I''ve got another question about accouting.
I''ve got a bridge:
brctl show
bridge name bridge id STP enabled interfaces
dmz0 8000.00ff10c5b9a5 yes vnet0
vnet1
This bridge is handled by shorewall in a two interface way with
proxyarp, so I think the bridge section on
http://www.shorewall.net/Accounting.html doesn''t apply to my case.
AFAIK the interface I''d have to add in the example on the above page
would be vnet0 or vnet1
So I tried that, thus I had to list these two interfaces in the
interfaces file, which looks like this now:
net eth0 detect
tcpflags,routefilter,nosmurfs,logmartians,blacklist
kvm dmz0 detect blacklist,routeback,nosmurfs
kvm vnet0 detect blacklist,routeback,nosmurfs
kvm vnet1 detect blacklist,routeback,nosmurfs
The only way I get counted anything is to use this accounting file:
web:COUNT - eth0 dmz0 tcp 80
web:COUNT - dmz0 eth0 tcp
- 80
DONE web
So the traffic is being counted for all the bridge''s activities on
dmz0.
Using vnet0 instead of dmz0 is not possible, I wouldn''t see any traffic
counted.
How can I establish accounting for my case in order to see traffic
separated by vnet0/vnet1/...?
Thanks
Michael
------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
Michael Kress wrote:> > How can I establish accounting for my case in order to see traffic > separated by vnet0/vnet1/...?You must qualify dmz0 with an IP address. Or simply use IP addresses without specifying dmz0. If you want to use symbolic names to refer to the individual guests, use shell variables. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H
Tom Eastep wrote:> Michael Kress wrote: > >> How can I establish accounting for my case in order to see traffic >> separated by vnet0/vnet1/...? >> > > You must qualify dmz0 with an IP address. Or simply use IP addresses > without specifying dmz0. If you want to use symbolic names to refer to > the individual guests, use shell variables. >Another perfect solution! Thanks a lot, works great! Michael ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H