Traffic summary using iptables
JWIp6F <a href="http://cbsntsboodmg.com/">cbsntsboodmg</a>, [url=http://anghctaosyqj.com/]anghctaosyqj[/url], [link=http://rzszcorsmwfy.com/]rzszcorsmwfy[/link], http://chnkfulmbhvi.com/
comment6, http://respelesstan.re.funpic.de/picture-of-dooney-and-bourke-purse.html picture of dooney and bourke purse, ihv, http://respelesstan.re.funpic.de/rossetti-bags-vegan.html small black leather coach handbag, bkgw, http://respelesstan.re.funpic.de/a-store-to-make-handbags.html a store to make handbags, 8-D,
comment2, http://suppsatsimppi.tk/kak-privorozhit-parnya-na-sigarete.html ����������� �������� ������, >:), http://suppsatsimppi.tk/kak-kurenie-vredit-legkim.html ������� �� ��������, :-(((, http://suppsatsimppi.tk/vliyanie-kureniya-na-serdce-referat.html �������� ������, sebcmq,
Cron entry
I've added this to crontab (crontab -e)
## Grab data every 5min. This is a relatively lightweight operation taking ~0.3s on old hardware */5 * * * * /usr/local/sbin/grabTraffic.pl ## Reset data every hour 59 * * * * /usr/local/sbin/grabTraffic.pl --reset
Database create options
For those wanting it; I've made a unique key formed by year+month+day+hour+source. It's highly inefficient, but I'm dealing with a relatively low amount of data on my end (checking 3 hosts, so for a year I'll have a max of 3 hosts * 24 hours * 365 days ~= 25000 entries).
CREATE TABLE `traffic` ( `id` int(11) NOT NULL AUTO_INCREMENT, `year` smallint(4) DEFAULT NULL, `month` smallint(2) DEFAULT NULL, `day` smallint(2) DEFAULT NULL, `hour` smallint(2) DEFAULT NULL, `source` varchar(20) DEFAULT NULL, `traffic` bigint(20) DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE KEY `datecheck` (`year`,`month`,`day`,`hour`,`source`) ) ENGINE=MyISAM AUTO_INCREMENT=13 DEFAULT CHARSET=latin1
Sample data would look like
mysql> SELECT * FROM traffic; +----+------+-------+------+------+---------------+-----------+ | id | year | month | day | hour | source | traffic | +----+------+-------+------+------+---------------+-----------+ | 1 | 2011 | 3 | 12 | 14 | 192.168.0.210 | 273143717 | | 2 | 2011 | 3 | 12 | 14 | 192.168.0.220 | 2920 | | 3 | 2011 | 3 | 12 | 14 | 192.168.0.240 | 30071 | | 4 | 2011 | 3 | 12 | 15 | 192.168.0.210 | 3111394 | | 5 | 2011 | 3 | 12 | 15 | 192.168.0.220 | 0 | | 6 | 2011 | 3 | 12 | 15 | 192.168.0.240 | 1379200 | | 7 | 2011 | 3 | 12 | 16 | 192.168.0.210 | 376536344 | | 8 | 2011 | 3 | 12 | 16 | 192.168.0.220 | 1572 | | 9 | 2011 | 3 | 12 | 16 | 192.168.0.240 | 42356 | | 10 | 2011 | 3 | 12 | 17 | 192.168.0.210 | 665197917 | | 11 | 2011 | 3 | 12 | 17 | 192.168.0.220 | 1440 | | 12 | 2011 | 3 | 12 | 17 | 192.168.0.240 | 60937 | [ ... ]
Example iptables output to test if it's working
For ingoing traffic, issue:
root@gateway:~# iptables -L TRAFFIC_ACCT_IN -n -v -x Chain TRAFFIC_ACCT_IN (1 references) pkts bytes target prot opt in out source destination 968985 56959759 all -- * * 0.0.0.0/0 192.168.0.210 78 4328 all -- * * 0.0.0.0/0 192.168.0.220 55144 80428099 all -- * * 0.0.0.0/0 192.168.0.240
For outgoing, do:
root@gateway:~# iptables -L TRAFFIC_ACCT_OUT -n -v -x Chain TRAFFIC_ACCT_OUT (1 references) pkts bytes target prot opt in out source destination 12713 4252586 all -- * * 192.168.0.210 0.0.0.0/0 26 1440 all -- * * 192.168.0.220 0.0.0.0/0 928 53851 all -- * * 192.168.0.240 0.0.0.0/0
If you need to flush the counter for any of those, just use the -Z option followed by the chain-name:
iptables -Z TRAFFIC_ACCT_OUT