Re: Real Time Traffic Flow Measurement - anybody working on it?

From: Harald Welte (laforge@gnumonks.org)
Date: Fri Apr 20 2001 - 11:58:29 EST


On Thu, Apr 19, 2001 at 02:15:56PM +1000, Manfred Bartz wrote:
> Through the stimulating discussion we had under ``IP Acounting
> Idea for 2.5'', it appears that a separate Traffic Flow Measure-
> ment and Accounting sub-system would be useful. See:
> <http://logi.cc/linux/CounterReset/>

Hey cool. Now we've come to a point where we agree. If you want to do
serious accounting, iptables is not the subsystem of your choice.

As you've pointed out on your very enthusiastic homepage:

    * Mixing fundamentally different functionalities like security and
    * accounting in a firewall is not a good idea anyway. It leads to overly
    * complex firewall code (potentially thousands of rules just for
    * accounting) and unreliable accounting (f.e. when the firewall rules get
    * reloaded).

> I would also like to know if there are any objections to providing
> a RTFM interface in the kernel (as an optional module).

No, not at all. I'd like to help developing an RTFM meter for linux.
I guess we don't actually need to keep seperate flow information, but
could attach it to the netfilter connection tracking.

> Manfred Bartz

-- 
Live long and prosper
- Harald Welte / laforge@gnumonks.org                http://www.gnumonks.org
============================================================================
GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M- 
V-- PS+ PE-- Y+ PGP++ t++ 5-- !X !R tv-- b+++ DI? !D G+ e* h+ r% y+(*)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Mon Apr 23 2001 - 21:00:37 EST