Hi, why not just do a rule like:
iptables -A FORWARD -m state --state NEW -j ACCEPT

then you can count how many packets/bytes with:

iptables -L -v -x

if you want to go further you can do something like:

#!/bin/sh
# take the packet counter (first column) of the "state NEW" rule
packets=$(iptables -L -v -x | awk '/state NEW/ {print $1}')
echo "$packets"

now, you can even use it as an input to rrdtool! :-)

On Thursday 06 November 2003 08:42, Kuba Jakubik wrote:
> hi list,
>
> > | How to determine normal/peak rate of packets with SYN to my debian
> > | box, for using this value in iptables limit match.
>
> here you are:
>
> --- CUT ---
> #!/bin/sh
>
> TEMPFILE=`tempfile`
> SCOREFILE="/tmp/scorefile"
> MYHOST="10.0.0.254"
>
> while [ 1 -eq 1 ]; do
>     DATE1=`date +%s`
>     # tcp[13]=0x2 matches segments with only the SYN flag set
>     tcpdump 'tcp[13]=0x2' and dst $MYHOST 2> /dev/null > $TEMPFILE &
>     sleep 10
>     killall tcpdump
>     DATE2=`date +%s`
>     NUMBER=`cat $TEMPFILE | wc -l`
>     echo "$DATE1 $DATE2 $NUMBER" >> $SCOREFILE
>     echo -n > $TEMPFILE
> done
>
> rm $TEMPFILE
> --- CUT ---
>
> just change MYHOST to your ip and voila :)
> then just suck the scorefile to some spreadsheet or just visually
> analyse it.
>
> Greetings,
>
> Kuba BIGHard Jakubik

--
Christian Lyra
POP-PR - RNP
http://lyra.soueu.com.br
http://wecanstopspam.org

The highest sounds are hardest to hear.
Going forward is a way to retreat.
Great talent shows itself late in life.
Even a perfect program still has bugs.
The Tao Of Programming
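The scorefile written by the quoted script holds one "start end count" line per capture window. The following is an added example, not part of either post, that reduces such a file to the mean and peak SYN rates the original question asked about; the function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise the scorefile written by the quoted script.
# Each line is "START END COUNT": epoch seconds at the start and end of one
# capture window, and the number of SYN packets seen in that window.

# syn_rate_summary FILE
# Prints "samples=N mean=X.XX peak=Y.YY" with rates in SYNs per second.
syn_rate_summary() {
    awk '
        # Accept only lines made of three non-negative integers.
        NF == 3 && $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ {
            span = $2 - $1
            if (span <= 0) next      # clock step or zero-length window
            rate = $3 / span
            if (rate > peak) peak = rate
            total += $3
            secs += span
            n++
        }
        END {
            if (n == 0) { print "samples=0 mean=0.00 peak=0.00"; exit }
            printf "samples=%d mean=%.2f peak=%.2f\n", n, total / secs, peak
        }
    ' "$1"
}

# Constructed sample data (not real measurements): two quiet windows, one
# burst, one malformed line and one zero-length window.
sample_scorefile() {
    cat <<'EOF'
1068100000 1068100010 40
1068100010 1068100020 25
1068100020 1068100031 330
garbage line
1068100031 1068100031 7
EOF
}

# Demo on the constructed data; pass /tmp/scorefile instead for real use.
demo=$(mktemp) && sample_scorefile > "$demo" && syn_rate_summary "$demo"
rm -f "$demo"
```

The mean is weighted by window length, and the peak is the highest single-window rate, so a shorter capture window gives a sharper peak figure.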