ipac-ng

ipac-ng

Post by David Findla » Sat, 19 Jan 2002 10:04:37



I'm using Ipac NG on a machine that is acting as a router, and have the
following rules:

Host 2 - Downloads|out|eth0|all|192.168.0.2|!192.168.0.1
Host 2 - Uploads|in|eth0|all|!192.168.0.1|192.168.0.2

It should be recording everything that doesn't go directly to that
server. I'm trying to basically find out how much each host is uploading
and downloading from the internet. I also run a transparent proxy on the
machine which redirects all outgoing web stuff from port 80 to 3128. I
want this all included on my totals. What am I doing wrong with this
ipac-ng rule? Thanks,

David

 
 
 

ipac-ng

Post by Dean Thompso » Sat, 19 Jan 2002 10:50:23


Hi!,


> I'm using Ipac NG on a machine that is acting as a router, and have the
> following rules:

> Host 2 - Downloads|out|eth0|all|192.168.0.2|!192.168.0.1
> Host 2 - Uploads|in|eth0|all|!192.168.0.1|192.168.0.2

> It should be recording everything that doesn't go directly to that
> server. I'm trying to basically find out how much each host is uploading
> and downloading from the internet. I also run a transparent proxy on the
> machine which redirects all outgoing web stuff from port 80 to 3128. I
> want this all included on my totals. What am I doing wrong with this
> ipac-ng rule? Thanks,

In my case, I replaced the !192.168.0.1 entry with 0.0.0.0/0 and I would use
192.168.0.2/32 rather than just the IP number itself.  This seemed to work for
me.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

 
 
 

ipac-ng

Post by David Findla » Sat, 19 Jan 2002 11:41:48



> Hi!,


>> I'm using Ipac NG on a machine that is acting as a router, and have the
>> following rules:

>> Host 2 - Downloads|out|eth0|all|192.168.0.2|!192.168.0.1 Host 2 -
>> Uploads|in|eth0|all|!192.168.0.1|192.168.0.2

>> It should be recording everything that doesn't go directly to that
>> server. I'm trying to basically find out how much each host is
>> uploading and downloading from the internet. I also run a transparent
>> proxy on the machine which redirects all outgoing web stuff from port
>> 80 to 3128. I want this all included on my totals. What am I doing
>> wrong with this ipac-ng rule? Thanks,

> In my case, I replaced the !192.168.0.1 entry with 0.0.0.0/0 and I would
> use 192.168.0.2/32 rather than just the IP number itself.  This seemed
> to work for me.

Okay thanks. Would the 0.0.0.0/0 capture everything? I don't want to
capture the data transfer to the server itself. Thanks,

David

 
 
 

ipac-ng

Post by David Findla » Sat, 19 Jan 2002 12:47:06



> Hi!,


>> I'm using Ipac NG on a machine that is acting as a router, and have the
>> following rules:

>> Host 2 - Downloads|out|eth0|all|192.168.0.2|!192.168.0.1 Host 2 -
>> Uploads|in|eth0|all|!192.168.0.1|192.168.0.2

>> It should be recording everything that doesn't go directly to that
>> server. I'm trying to basically find out how much each host is
>> uploading and downloading from the internet. I also run a transparent
>> proxy on the machine which redirects all outgoing web stuff from port
>> 80 to 3128. I want this all included on my totals. What am I doing
>> wrong with this ipac-ng rule? Thanks,

> In my case, I replaced the !192.168.0.1 entry with 0.0.0.0/0 and I would
> use 192.168.0.2/32 rather than just the IP number itself.  This seemed
> to work for me.

Hmm. I just tried that, and I'm still not getting any data logged. All
the iptables counters just read 0. Any ideas? Thanks,

David

 
 
 

ipac-ng

Post by Dean Thompso » Sun, 20 Jan 2002 10:59:53


Hi!,



> > Hi!,


> >> I'm using Ipac NG on a machine that is acting as a router, and have the
> >> following rules:

> >> Host 2 - Downloads|out|eth0|all|192.168.0.2|!192.168.0.1 Host 2 -
> >> Uploads|in|eth0|all|!192.168.0.1|192.168.0.2

> >> It should be recording everything that doesn't go directly to that
> >> server. I'm trying to basically find out how much each host is
> >> uploading and downloading from the internet. I also run a transparent
> >> proxy on the machine which redirects all outgoing web stuff from port
> >> 80 to 3128. I want this all included on my totals. What am I doing
> >> wrong with this ipac-ng rule? Thanks,

> > In my case, I replaced the !192.168.0.1 entry with 0.0.0.0/0 and I would
> > use 192.168.0.2/32 rather than just the IP number itself.  This seemed
> > to work for me.

> Okay thanks. Would the 0.0.0.0/0 capture everything? I don't want to
> capture the data transfer to the server itself. Thanks,

Good question, I use the 0.0.0.0/0 address to capture all the data which a
certain machine has sent out from the server.  As far as I know, it doesn't
capture the data arriving at the server.  It is all to do with the way that
ipac places the rules into the ipchains system.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

 
 
 

ipac-ng

Post by Dean Thompso » Sun, 20 Jan 2002 11:00:59


Hi!,



> > Hi!,


> >> I'm using Ipac NG on a machine that is acting as a router, and have the
> >> following rules:

> >> Host 2 - Downloads|out|eth0|all|192.168.0.2|!192.168.0.1 Host 2 -
> >> Uploads|in|eth0|all|!192.168.0.1|192.168.0.2

> >> It should be recording everything that doesn't go directly to that
> >> server. I'm trying to basically find out how much each host is
> >> uploading and downloading from the internet. I also run a transparent
> >> proxy on the machine which redirects all outgoing web stuff from port
> >> 80 to 3128. I want this all included on my totals. What am I doing
> >> wrong with this ipac-ng rule? Thanks,

> > In my case, I replaced the !192.168.0.1 entry with 0.0.0.0/0 and I would
> > use 192.168.0.2/32 rather than just the IP number itself.  This seemed
> > to work for me.

> Hmm. I just tried that, and I'm still not getting any data logged. All
> the iptables counters just read 0. Any ideas? Thanks,

Okay, does your source address have a /32 on the end ?

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

 
 
 

1. ipac-ng: /usr/sbin/fetchipac: data corrupted

Hi all,

I recently set up a Linux-Gateway running Debian testing. Now I wanted
to use ipac-ng for traffic accounting (did this before on other
servers - no prob there).
On the actual box I get the following error calling ipacsum, but only
when accouting was up for 1 hour or so - initial accounting works,
though:

GDBM storage returned too many data for timestamp 1074191401 Aborting
/usr/sbin/fetchipac: data corrupted

I'm using:
ipac-ng 1.27-3
iptables 1.2.9-1
kernel 2.4.22-3
libgdbm3 1.8.3-2

Error occurs also with the default-rules from the package.

Any idea how to fix this? I googled this error, but apparently I'm
privileged with this ;-)
Maybe someone can point me to an alternative to ipac-ng? I just want
to know the traffic in sum and splitted to the different protocols
(http, ssh, smtp, ...).

Thanks in advance,
Kai

2. 16MB of RAM!!!

3. ipac.conf

4. Nautilus HTML Viewer failed

5. Linux IPAC datafile format

6. Network driver performance

7. Help with ipac-1.10 - IP Accounting Software for Linux

8. GPL and the Open Source License

9. ip accounting with ipac

10. Diamond Speedstar A50 ok XFree86 3.3.3.1, NG XFree86 3.3.5

11. Lag in this ng

12. Wlan-ng help. p80211 module symbols

13. Checkpoint NG(Policy Editor) running on Solaris 8