Re: IPF accounting
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: IPF accounting
- From: "Peter Strömberg" <peters_(_at_)_telia_(_dot_)_net>
- Date: Tue, 3 Oct 2000 17:40:45 +0200
- Cc: "cameron charlebois" <cam_charles_(_at_)_hotmail_(_dot_)_com>
- Organization: Telia Carrier & Networks
On 3 Oct 2000, at 14:45,
cameron charlebois wrote about (IPF accounting):
> Hey all,
> I have set up a transparent firewall in my basement. I need to be able to
> track how much each of my roommates are downloading per month (my ISP gives
> a limit, costs extra if we go over, want to know which roommate to charge).
Assuming this setup:
Roommate1 (192.168.0.1)
Roommate2 (192.168.0.2)
...
RoommateN (192.168.0.N)
Firewall:
Local nic: le0 (192.168.0.254)
External nic: ex0 (public-ip)
/etc/ipnat.rules
map ex0 192.168.0.0/24 -> public-ip/32 portmap tcp/udp 40000:60000
map ex0 192.168.0.0/24 -> public-ip/32
/etc/ipf.rules
# All traffic for Roommate 1
count in on le0 from 192.168.0.1 to any
count out on le0 from any to 192.168.0.1
# Local traffic for Roommate 1
count in on le0 from 192.168.0.1 to 192.168.0.0/24
count out on le0 from 192.168.0.0/24 to 192.168.0.1
# All traffic for Roommate 2
count in on le0 from 192.168.0.2 to any
count out on le0 from any to 192.168.0.2
# Local traffic for Roommate 2
count in on le0 from 192.168.0.2 to 192.168.0.0/24
count out on le0 from 192.168.0.0/24 to 192.168.0.2
...
# All traffic for Roommate N
count in on le0 from 192.168.0.N to any
count out on le0 from any to 192.168.0.N
# Local traffic for Roommate N
count in on le0 from 192.168.0.N to 192.168.0.0/24
count out on le0 from 192.168.0.0/24 to 192.168.0.N
See stats with ipfstat -oa and ipfstat -ia
Subtract local traffic from all traffic to get external traffic.
/Peter
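
The subtraction step described above, as an added example that is not part of the original message: a shell function that reads the accounting lines and prints each host's external upload and download bytes. It assumes each line has the form "<bytes> <rule>" as shown by ipfstat -ia / -oa; the sample counters and the names external_bytes and sample_output are constructed for illustration.

```shell
#!/bin/sh
# Added example: external traffic per host = all traffic - local traffic.
# Assumption: input lines look like "<bytes> count in on le0 from A to B".

LAN="192.168.0.0/24"    # local network used in the count rules

# Reads accounting lines on stdin, prints "host upload download" (bytes).
external_bytes() {
    awk -v lan="$LAN" '
    # Host addresses may be printed with a /32 suffix; strip it.
    function host(a) { sub(/\/32$/, "", a); return a }
    $2 == "count" && $3 == "in" {       # traffic sent by the host ($7)
        h = host($7); seen[h] = 1
        if ($9 == lan) loc_in[h] += $1
        else if ($9 == "any") all_in[h] += $1
    }
    $2 == "count" && $3 == "out" {      # traffic delivered to the host ($9)
        h = host($9); seen[h] = 1
        if ($7 == lan) loc_out[h] += $1
        else if ($7 == "any") all_out[h] += $1
    }
    END {
        # %.0f keeps monthly totals above 2^31 bytes intact
        for (h in seen)
            printf "%s %.0f %.0f\n", h,
                all_in[h] - loc_in[h], all_out[h] - loc_out[h]
    }' | sort
}

# Constructed sample counters for two hosts (not real measurements).
sample_output() {
    cat <<'EOF'
1500000 count in on le0 from 192.168.0.1/32 to any
200000 count in on le0 from 192.168.0.1/32 to 192.168.0.0/24
400000 count in on le0 from 192.168.0.2/32 to any
100000 count in on le0 from 192.168.0.2/32 to 192.168.0.0/24
9000000 count out on le0 from any to 192.168.0.1/32
300000 count out on le0 from 192.168.0.0/24 to 192.168.0.1/32
2600000 count out on le0 from any to 192.168.0.2/32
100000 count out on le0 from 192.168.0.0/24 to 192.168.0.2/32
EOF
}

# On the firewall: { ipfstat -ia; ipfstat -oa; } | external_bytes
sample_output | external_bytes
```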