On 16/03/2016 16:36, Göran Höglund wrote:

> My goal is account on IP not services and the below is a snippet from 
> my accounting config file.
> But it gets fooled by our intercepting squid service

The problem you will encounter is that the traffic is effectively 
anonymised by squid.

You can
a) Measure internal traffic, that way you measure internal IP <-> 
squid.  However, if squid caching is effective this will overestimate 
the net bandwidth actually used

b) You could use squid accounting for the per user bandwidth (tag 
incoming with something, e.g. IP)

c) You can't yet, but I keep meaning to write the code to tag outgoing 
connections with fw marks in squid.  Part of the code is already in 
place thanks to Andy Beverley.  I have already sponsored changes in 
dnsmasq to do exactly this for example.  This means you can simply set up 
accounting rules on connection marks (might need a bit more work to 
set up unique connection marks per IP, but lots of ways to do this in 
IPv4 space and feasible in IPv6 space also).

If anyone is interested in beating me to coding up the squid stuff then 
please be my guest!!

Ed W
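
An added example, not part of the original message, sketching option (b): per-client-IP accounting from squid's access.log, with delivered bytes (what option (a) would measure) kept apart from bytes that needed an upstream fetch. It assumes squid's default native log format; the sample lines are constructed, and treating any non-HIER_NONE hierarchy code as upstream traffic is an approximation chosen for this sketch.

```python
from collections import defaultdict

# Constructed sample lines in squid's default native access.log format:
# time elapsed client code/status bytes method URL user hierarchy/peer type
SAMPLE_LOG = """\
1458146160.123 120 192.168.1.10 TCP_MISS/200 52000 GET http://example.com/a.iso - ORIGINAL_DST/93.184.216.34 application/octet-stream
1458146161.456 2 192.168.1.11 TCP_HIT/200 52000 GET http://example.com/a.iso - HIER_NONE/- application/octet-stream
1458146162.789 80 192.168.1.10 TCP_MISS/200 1500 GET http://example.org/ - ORIGINAL_DST/93.184.216.34 text/html
1458146163.000 1 192.168.1.11 TCP_MEM_HIT/200 1500 GET http://example.org/ - HIER_NONE/- text/html
this line is malformed and is skipped
"""


def account_per_ip(lines):
    """Return {client_ip: {"delivered": bytes, "upstream": bytes}}.

    "delivered" is everything squid sent to the client (internal IP <-> squid).
    "upstream" counts only requests squid had to forward, i.e. those whose
    hierarchy code is not HIER_NONE (assumption: approximates net bandwidth).
    """
    totals = defaultdict(lambda: {"delivered": 0, "upstream": 0})
    for line in lines:
        fields = line.split()
        if len(fields) < 10:
            continue  # not a complete native-format record
        client, size, hierarchy = fields[2], fields[4], fields[8]
        if not size.isdigit():
            continue  # byte count missing or garbled
        nbytes = int(size)
        totals[client]["delivered"] += nbytes
        if not hierarchy.startswith("HIER_NONE"):
            totals[client]["upstream"] += nbytes
    return dict(totals)


if __name__ == "__main__":
    report = account_per_ip(SAMPLE_LOG.splitlines())
    for ip, t in sorted(report.items()):
        print(f"{ip:15} delivered={t['delivered']:>8} upstream={t['upstream']:>8}")
```

In the sample, both clients receive the same number of bytes, but only the first one causes any upstream traffic, which is the overestimate described under (a).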


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users