[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Setting up an accounting bridge with OpenBSD

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Setting up an accounting bridge with OpenBSD
From: "Patrick Giagnocavo +1.717.201.3366" <patrick_(_at_)_zill_(_dot_)_net>
Date: Wed, 5 May 2004 16:28:33 -0400
Reply-to: patrick_(_at_)_zill_(_dot_)_net

On Wed, May 05, 2004 at 12:37:38PM -0700, Geoff White wrote:
> As a bridge, that will do packet accounting of the traffic passing in one 
> interface and out the other.  I'd like to set this up so that the box 
> doesn't have need or have any IP addresses  on the bridging interfaces (the 
> admin will occur on the third interface) can anybody point me to doc that 
> would...
> 
> 1) tell me the right way to ifconfig the interfaces for address-less 
> operation, (in particular how to configure pf to input, log-count packets 
> and pass them out another interface)

You need to set up a bridge.  When the bridge is setup properly,
running ifconfig -a will show both ethernet interfaces UP and the
bridge0 device as UP .

in your pf.conf:

===

table <customername> { 10.1.1.2 }
table <customername2> { 10.1.1.3, 10.1.1.4 }

pass in to <customername> label "customername-inbound" keep state
pass out from <customername> label "customername-outbound" keep state

pass in to <customername2> label "customername2-inbound" keep state
pass out from <customername2> label "customername2-outbound" keep state

===

then, every 5 minutes (from cron) run pfctl -zvvsl to zero the
counters and get the results.  The last number on each line is the
number of bytes transmitted.  A short Perl, awk, or TCL script can
grab this info.

> 2) What accounting stuff to use (or do I roll my own)

Or, use ipfm .

> 3) Data display (I suppose I should use MRTG right?)

You don't technically need this if you are just doing per-month
results.  But pretty graphs are nice.  Use MRTG or RRDtool.
 
> I'm trying to audit my traffic in my cage so I can see how much bandwidth 
> each IP address is using, the end result will be to bill my customers that 
> are using WAY too much bandwidth.

Hope this helps.

Cordially
-- 
+--------------------------------------------------+
| Patrick Giagnocavo, patrick_(_at_)_zill_(_dot_)_net             |
| Zill.Net - OpenACS, Postgres, Web hosting        |
| OpenACS v4 shared server       $19.95/month      |
| Colocation w/50GB transfer     $99.00/month      |
| Managed servers (incl. system) $175/month        |
+--------------------------------------------------+

References:
- Setting up an accounting bridge with OpenBSD
  - From: Geoff White

Prev by Date: OpenBSD on Cobalt Raq2
Next by Date: Re: 3.5-release console lockup
Previous by thread: Setting up an accounting bridge with OpenBSD
Next by thread: OpenBSD on Cobalt Raq2
Index(es):
- Date
- Thread

Visit your host, monkey.org