collectd - Plugin "iptables"

"iptables" plugin

With this plugin you can gather statistics from your ip_tables based packetfilter (aka. firewall). It can collect the byte- and packet-counters of selected rules and submit them to collectd. Depending on your firewall layout you can collect certain services (such as the amount of web-traffic), source or destination hosts or networks, dropped packets and much more.

Of course this plugin uses libiptc and does not fork the "iptables" application. This means that it is talking directly with the kernel and the overhead is as low as it gets.

Information on how to configure the iptables-plugin can be found in the collectd.conf(5) manpage.

Example graphs

Example "bytes" graph of the iptables plugin

Example "packets" graph of the iptables plugin

Dependencies

Linux 2.4 or later with ip_tables
libiptc