About Network Accounting

The Jetman jetman at mycbc.com
Sat Jan 22 13:30:35 PST 2005


Recently, there was a little thread about network accounting via IPFW and I 
was curious about the efficacy of my own solution.


####    x.y.z.14
${ipfw} add pipe 7 ip from x.y.z.14 to any
${ipfw} pipe 7 config bw 1024Kbit/s queue 50
${ipfw} add pipe 8 ip from any to x.y.z.14
${ipfw} pipe 8 config bw 1024Kbit/s queue 50
####


I set up a series of rules for each of a series of real IPs, similar to those 
shown above, to cap bandwidth usage and to provide a series of byte counters that 
could be captured hourly.  This box was a bridge between the client's internal net 
and their T1.  My CRON job would sit on the working side of a pipe from the 
'ipfw -a list' command, then parse each rule for the inbound then outbound 
byte/packet count.  Each inbound/outbound count was then inserted into a SQL 
UPDATE statement for each IP.  Any IP w/o a set of rules as shown above would be 
explicitly inhibited w/ IPFW rules.

I inquire because I've seen a couple of other approaches and was curious if my 
approach makes sense.  BTW, I'm not asking for a solution, nor am I asking for 
code to complete a project.  My code (in Python) is written, is stable, and 
appears to deliver the desired results.

TIA.  Later....Jet


===============  From the desk of Jethro Wright, III  ================
+      Beer is proof that God loves us and wants us to be happy.     -
==============================================  Benjamin Franklin  ===
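
A sketch of the collection step described in the message above, added here as an example; it is not the poster's code. The sample `ipfw -a list` lines, the 192.0.2.x addresses and the `host_usage` table are constructed for illustration, and SQLite stands in for whatever database the original job used.

```python
import re
import sqlite3

# Constructed sample of `ipfw -a list` output: rule number, packets, bytes, rule body.
SAMPLE = """\
00100   5210   4187233 pipe 7 ip from 192.0.2.14 to any
00200   6122   7310944 pipe 8 ip from any to 192.0.2.14
00300    812    402118 pipe 9 ip from 192.0.2.15 to any
65000     17      1020 deny ip from any to any
"""

RULE = re.compile(
    r"^\d+\s+(?P<pkts>\d+)\s+(?P<bytes>\d+)\s+pipe\s+\d+\s+ip\s+"
    r"from\s+(?P<src>\S+)\s+to\s+(?P<dst>\S+)\s*$"
)

def parse_counters(text):
    """Return {ip: {"in": (pkts, bytes), "out": (pkts, bytes)}} from pipe rules."""
    usage = {}
    for line in text.splitlines():
        m = RULE.match(line.strip())
        if not m:
            continue  # not a per-host pipe rule (e.g. the deny rule)
        src, dst = m["src"], m["dst"]
        if (src == "any") == (dst == "any"):
            continue  # need exactly one concrete host to attribute traffic
        ip, direction = (src, "out") if dst == "any" else (dst, "in")
        usage.setdefault(ip, {})[direction] = (int(m["pkts"]), int(m["bytes"]))
    return usage

def store(conn, usage):
    """Write counters with a parameterized UPDATE; return the number of rows changed."""
    changed = 0
    for ip, c in usage.items():
        if "in" not in c or "out" not in c:
            continue  # only half of the rule pair was found: do not record it
        cur = conn.execute(
            "UPDATE host_usage SET in_pkts=?, in_bytes=?, out_pkts=?, out_bytes=? WHERE ip=?",
            (*c["in"], *c["out"], ip))
        changed += cur.rowcount
    return changed

def demo():
    conn = sqlite3.connect(":memory:")  # hypothetical schema, one row per accounted IP
    conn.execute("CREATE TABLE host_usage (ip TEXT PRIMARY KEY, in_pkts INT, in_bytes INT, out_pkts INT, out_bytes INT)")
    conn.executemany("INSERT INTO host_usage VALUES (?,0,0,0,0)", [("192.0.2.14",), ("192.0.2.15",)])
    store(conn, parse_counters(SAMPLE))
    return conn.execute("SELECT * FROM host_usage ORDER BY ip").fetchall()
```

The counters shown by `ipfw -a list` accumulate until they are zeroed, so an hourly job either stores the difference from the previous reading or resets them after each capture.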



More information about the freebsd-ipfw mailing list