BackupPC-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [BackupPC-users] [OT] Using iptables for traffic accounting

2009-05-26 06:09:02
Subject: Re: [BackupPC-users] [OT] Using iptables for traffic accounting
From: Holger Parplies <wbppc AT parplies DOT de>
To: Boniforti Flavio <flavio AT piramide DOT ch>
Date: Tue, 26 May 2009 12:02:16 +0200 
Hi,

Boniforti Flavio wrote on 2009-05-26 09:07:11 +0200 [[BackupPC-users] [OT] 
Using iptables for traffic accounting]:
> [...]
> This is the output I got:

no, it isn't. Please don't make it unnecessarily hard for us by wrapping
lines.

> Chain INPUT (policy ACCEPT 22M packets, 55G bytes)
>  pkts bytes target     prot opt in     out     source     destination
>     0     0            tcp  --  *      *       0.0.0.0/0  127.0.0.1           
> tcp dpt:8876

Your rule is incorrect. I'll quote myself:
> iptables -I INPUT -s client_addr -d backuppc_server_addr -p tcp --sport 22

For INPUT to the BackupPC server, it's --sport, not --dport that you want to
set. It's the other end that has port 8876. On the initiating side (BackupPC
server), a random port is allocated. If your remote side happens to be the
BackupPC server, too, then you're simply measuring the wrong way around (swap
INPUT and OUTPUT), otherwise you're measuring something arbitrary (you
obviously are measuring something).

So, change --sport to --dport and vice-versa.

> iptables -I INPUT -d localhost -p tcp --dport 8873

should be

> iptables -I INPUT -d localhost -p tcp --sport 8873

Aside from that, the "-I" was meant to insert the rule at the top, regardless
of what other rules you might have (you might do this in DumpPreUserCmd). If
you're just setting up static rules, you can use "-A" instead to keep them in
the order you're adding them (and you don't have any other rules that would
cause the accounting rules not to be reached).

Regards,
Holger

------------------------------------------------------------------------------
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers & brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing, & 
iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian
Group, R/GA, & Big Spaceship. http://www.creativitycat.com 
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [BackupPC-users] [OT] Using iptables for traffic accounting, Tino Schwarze
Next by Date:  Re: [BackupPC-users] PLEASE READ BEFORE POSTING, Holger Parplies
Previous by Thread:  Re: [BackupPC-users] [OT] Using iptables for traffic accounting, Adam Goryachev
Next by Thread:  Re: [BackupPC-users] [OT] Using iptables for traffic accounting, Boniforti Flavio
Indexes:  [Date] [Thread] [Top] [All Lists]