]>
Commit | Line | Data |
---|---|---|
c6410bf7 | 1 | include/linux/netfilter_ipv4/ipt_account.h | 26 |
2 | net/ipv4/netfilter/Kconfig | 46 + | |
3 | net/ipv4/netfilter/Makefile | 1 | |
4 | net/ipv4/netfilter/ipt_account.c | 937 +++++++++++++++++++++++++++++ | |
5 | 4 files changed, 1010 insertions(+) | |
6 | ||
7 | diff -Nur --exclude '*.orig' linux.org/include/linux/netfilter_ipv4/ipt_account.h linux/include/linux/netfilter_ipv4/ipt_account.h | |
8 | --- linux.org/include/linux/netfilter_ipv4/ipt_account.h 1970-01-01 01:00:00.000000000 +0100 | |
9 | +++ linux/include/linux/netfilter_ipv4/ipt_account.h 2006-05-04 11:23:02.000000000 +0200 | |
10 | @@ -0,0 +1,26 @@ | |
11 | +/* | |
12 | + * accounting match (ipt_account.c) | |
13 | + * (C) 2003,2004 by Piotr Gasidlo (quaker@barbara.eu.org) | |
14 | + * | |
15 | + * Version: 0.1.7 | |
16 | + * | |
17 | + * This software is distributed under the terms of GNU GPL | |
18 | + */ | |
19 | + | |
20 | +#ifndef _IPT_ACCOUNT_H_ | |
21 | +#define _IPT_ACCOUNT_H_ | |
22 | + | |
23 | +#define IPT_ACCOUNT_NAME_LEN 64 | |
24 | + | |
25 | +#define IPT_ACCOUNT_NAME "ipt_account" | |
26 | +#define IPT_ACCOUNT_VERSION "0.1.7" | |
27 | + | |
28 | +struct t_ipt_account_info { | |
29 | + char name[IPT_ACCOUNT_NAME_LEN]; | |
30 | + u_int32_t network; | |
31 | + u_int32_t netmask; | |
32 | + int shortlisting:1; | |
33 | +}; | |
34 | + | |
35 | +#endif | |
36 | + | |
37 | diff -Nur --exclude '*.orig' linux.org/net/ipv4/netfilter/Kconfig linux/net/ipv4/netfilter/Kconfig | |
38 | --- linux.org/net/ipv4/netfilter/Kconfig 2006-05-02 23:38:44.000000000 +0200 | |
39 | +++ linux/net/ipv4/netfilter/Kconfig 2006-05-04 11:23:02.000000000 +0200 | |
40 | @@ -606,5 +606,51 @@ | |
41 | Allows altering the ARP packet payload: source and destination | |
42 | hardware and network addresses. | |
43 | ||
44 | +config IP_NF_MATCH_ACCOUNT | |
45 | + tristate "account match support" | |
46 | + depends on IP_NF_IPTABLES && PROC_FS | |
47 | + help | |
48 | + This match is used for accounting traffic for all hosts in | |
49 | + defined network/netmask. | |
50 | + | |
51 | + Features: | |
52 | + - long (one counter per protocol TCP/UDP/IMCP/Other) and short statistics | |
53 | + - one iptables rule for all hosts in network/netmask | |
54 | + - loading/saving counters (by reading/writting to procfs entries) | |
55 | + | |
56 | + Example usage: | |
57 | + | |
58 | + account traffic for/to 192.168.0.0/24 network into table mynetwork: | |
59 | + | |
60 | + # iptables -A FORWARD -m account --aname mynetwork --aaddr 192.168.0.0/24 | |
61 | + | |
62 | + account traffic for/to WWW serwer for 192.168.0.0/24 network into table | |
63 | + mywwwserver: | |
64 | + | |
65 | + # iptables -A INPUT -p tcp --dport 80 | |
66 | + -m account --aname mywwwserver --aaddr 192.168.0.0/24 --ashort | |
67 | + # iptables -A OUTPUT -p tcp --sport 80 | |
68 | + -m account --aname mywwwserver --aaddr 192.168.0.0/24 --ashort | |
69 | + | |
70 | + read counters: | |
71 | + | |
72 | + # cat /proc/net/ipt_account/mynetwork | |
73 | + # cat /proc/net/ipt_account/mywwwserver | |
74 | + | |
75 | + set counters: | |
76 | + | |
77 | + # echo "ip = 192.168.0.1 packets_src = 0" > /proc/net/ipt_account/mywwserver | |
78 | + | |
79 | + Webpage: | |
80 | + http://www.barbara.eu.org/~quaker/ipt_account/ | |
81 | + | |
82 | +config IP_NF_MATCH_ACCOUNT_DEBUG | |
83 | + bool "account debugging output" | |
84 | + depends on IP_NF_MATCH_ACCOUNT | |
85 | + help | |
86 | + Say Y to get lots of debugging output. | |
87 | + | |
88 | + | |
89 | + | |
90 | endmenu | |
91 | ||
92 | diff -Nur --exclude '*.orig' linux.org/net/ipv4/netfilter/Makefile linux/net/ipv4/netfilter/Makefile | |
93 | --- linux.org/net/ipv4/netfilter/Makefile 2006-05-02 23:38:44.000000000 +0200 | |
94 | +++ linux/net/ipv4/netfilter/Makefile 2006-05-04 11:23:02.000000000 +0200 | |
95 | @@ -0,0 +0,1 @@ | |
96 | +obj-$(CONFIG_IP_NF_MATCH_ACCOUNT) += ipt_account.o | |
97 | diff -Nur --exclude '*.orig' linux.org/net/ipv4/netfilter/ipt_account.c linux/net/ipv4/netfilter/ipt_account.c | |
98 | --- linux.org/net/ipv4/netfilter/ipt_account.c 1970-01-01 01:00:00.000000000 +0100 | |
99 | +++ linux/net/ipv4/netfilter/ipt_account.c 2006-05-04 11:23:02.000000000 +0200 | |
100 | @@ -0,0 +1,938 @@ | |
101 | +/* | |
102 | + * accounting match (ipt_account.c) | |
103 | + * (C) 2003,2004 by Piotr Gasidlo (quaker@barbara.eu.org) | |
104 | + * | |
105 | + * Version: 0.1.7 | |
106 | + * | |
107 | + * This software is distributed under the terms of GNU GPL | |
108 | + */ | |
109 | + | |
110 | +#include <linux/module.h> | |
111 | +#include <linux/skbuff.h> | |
112 | +#include <linux/proc_fs.h> | |
113 | +#include <linux/spinlock.h> | |
114 | +#include <linux/vmalloc.h> | |
115 | +#include <linux/interrupt.h> | |
116 | +#include <linux/ctype.h> | |
117 | + | |
118 | +#include <linux/seq_file.h> | |
119 | + | |
120 | +#include <asm/uaccess.h> | |
121 | + | |
122 | +#include <linux/ip.h> | |
123 | +#include <linux/tcp.h> | |
124 | +#include <linux/udp.h> | |
125 | + | |
126 | +#include <linux/netfilter_ipv4/ip_tables.h> | |
127 | +#include <linux/netfilter_ipv4/ipt_account.h> | |
128 | + | |
129 | +#if defined(CONFIG_IP_NF_MATCH_ACCOUNT_DEBUG) | |
130 | + #define dprintk(format,args...) printk(format,##args) | |
131 | +#else | |
132 | + #define dprintk(format,args...) | |
133 | +#endif | |
134 | + | |
135 | +static char version[] = | |
136 | Content-type: text/html ]>