From: Thomas Fjellstrom <thomas@fjellstrom.ca>
Reply-To: thomas@fjellstrom.ca
To: Alexander Clouter <alex@digriz.org.uk>
Subject: Re: low overhead packet capturing on linux
Date: Wed, 1 Dec 2010 03:18:25 -0700
User-Agent: KMail/1.13.5 (Linux/2.6.36; KDE/4.5.2; x86_64; svn-1188918; 2010-10-21)
Cc: linux-kernel@vger.kernel.org
References: <201011301728.05197.thomas@fjellstrom.ca> <1lghs7-l16.ln1@chipmunk.wormnet.eu>
In-Reply-To: <1lghs7-l16.ln1@chipmunk.wormnet.eu>
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="iso-8859-15"
Content-Transfer-Encoding: 7bit
Message-Id: <201012010318.25133.thomas@fjellstrom.ca>
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1160
Lines: 30

On December 1, 2010, you wrote:
> Thomas Fjellstrom <thomas@fjellstrom.ca> wrote:
> > I'm working on a little tool to monitor and measure bandwidth use on a vm
> > host, down to keeping track of all guest and host bandwidth, including,
> > eventually per layer7 protocol use.
> 
> ...iptables?  You get packet and byte counters there for free and you
> can have a 'web, smtp, $service[0], $service[1], ... , other' easily
> enough.

Not with full layer7 support these days. None of the old things like pp2p or 
l7filter will even apply to anything remotely resembling a recent kernel.

Also I'm not sure it'll dynamically keep track of hosts. My solution will 
track all hosts it sees. Where as iptables would be somewhat manual.

> Five to eight years ago we (an ISP) used this at a previous workplace of
> mine to do xDSL traffic accounting for our users.
> 
> Cheers


-- 
Thomas Fjellstrom
thomas@fjellstrom.ca
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/