要对机房某台机器进行临时性的 内、外网流量统计分开。这种事最好不要放到应用层统计,因为效率很成问题。第一时间想到处于网络二、三层的工具,效率不会被过多影响。 如ntop之类使用libpcap库的工具。
其实iptables也是有包统计。因为每个包都经过它。而且不用安装任何工具。
加入两条规则:
jessinio@jessinio-laptop:~$ sudo iptables -t filter -A INPUT -p all -s 174.121.79.132 -j ACCEPT
jessinio@jessinio-laptop:~$ sudo iptables -t filter -A OUTPUT -p all -d 174.121.79.132 -j ACCEPT
情况:
jessinio@jessinio-laptop:~$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- web124.webfaction.com anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere web124.webfaction.com
結果:
jessinio@jessinio-laptop:~$ sudo iptables -L -n -v
Chain INPUT (policy ACCEPT 11M packets, 5033M bytes)
pkts bytes target prot opt in out source destination
10 2088 ACCEPT all -- * * 174.121.79.132 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 14M packets, 14G bytes)
pkts bytes target prot opt in out source destination
48 25152 ACCEPT all -- * * 0.0.0.0/0 174.121.79.132
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.