Traffic counting

Hi!

Is iptables/ipchains the only mechanism to count network traffic in Linux? If
not, what are other mechanisms?

Thank you.

--
Dmitry Davletbaev.

Dmitry Davletbaev wrote:

>Hi!
>
>Is iptables/ipchains the only mechanism to count network traffic in Linux? If
>not, what are other mechanisms?
>
>Thank you.
>
>
>

There is a number of traffic accounting programs based on libpcap. I
use pmacct, for example, but there are more.

Hope this helps,
Mihai

Dmitry,

On 2005-05-04, Dmitry Davletbaev <no-(E-Mail Removed)> wrote:
> Hi!
>
> Is iptables/ipchains the only mechanism to count network traffic in Linux? If
> not, what are other mechanisms?
>
depends what you are counting, we for example have L2TP tunnels and use the
l2tpd daemon to do the counting for us. All you do is script a telnet in and
running a particular command and munching the output.

If you do use iptables and have more than 500 individual IP's to track I
recommend you 'hash' the IP's. Create a bunch of chains for each /24, /26,
/28, whatever suits you best and have first of all a bunch of iptables rules
to jump to the correct chain. Think always in terms of 'average rule parsing
length' and try to keep this value as low as possible.

Cheers

Alex