Ebtables: Difference between revisions
(ebtables accounting)
 
# first let’s do some accounting.
# These rules need only match, not do anything, as we are interested in the [[Ebtablesebtables accounting]] data.
ebtables -N accounting -P RETURN
ebtables -A accounting --destination AC:DE:48:23:45:67/ff:ff:ff:ff:ff:ff
iptables -A FORWARD -i ppp0 -o int0 -j MARK --or-mark $MINET
ip6tables -A FORWARD -i ppp0 -o int0 -j MARK --or-mark $MINET
 
== Accounting ==
 
To save the accounting data,
I used a script called out from /etc/cron.hourly and will end up with a directory tree with accounting data that resembles that from AAISP’s clueless pages but broken down by MAC address. Old data may need to be rotated away from the output area eventually though.
 
#!/bin/bash
 
MYTIME=`date +%s`
 
DIR=`date -d @$MYTIME +/var/local/ebacct/%Y-%m-%d/%H -u`
PARA=
if test -n "$(mkdir -pv $DIR)"
then
PARA=-Z
DIR=`date -d @$(( $MYTIME - 3600 )) +/var/local/ebacct/%Y-%m-%d/%H -u`
fi
while read F MAC N N N N N PACKET N N N OCTETS N
do
if test "$F" = "-d"
then
PT=$DIR/${MAC:0:2}${MAC:3:2}${MAC:6:2}${MAC:9:2}${MAC:12:2}${MAC:15:2}
mkdir -p $PT
echo $PACKET > $PT/packets
echo $OCTETS > $PT/octets
fi
done <<<"$(ebtables -L accounting --Lc --Lmac2 $PARA)"
Retrieved from ‘http://support.aa.net.uk/Ebtables