On my new server one of the things I really wanted was iptables. In the past when we have had problems with a machine choking the T1, all we know is which machine is doing it. Not what on the machine is doing it.

I want to solve this problem by letting iptables keep track of the traffic on each of the virutal hosts. I want to know if the traffic is on say port 80 or 25.

I spent many hours looking for decent info about this but didn’t find any. Sure everybody tells you how to build iptable filters but nobody gives you any good examples of how to do accounting based on them.

Then I found a site from 8/10/2004 that was just plain and simple.

It made it all make sense.

I will now take the into I’ve learned and see if I can coax MRTG into giving me some useful data about what is going on with traffic on the machine.