Difference between revisions of "Plugin:IPTables"

From collectd Wiki
Jump to: navigation, search
(Description: Use the "Generic Plugin" template.)
(Added "List of Plugins" template.)
Line 1: Line 1:
= Description =
+
{{List of Plugins}}
 +
== Description ==
  
 
With the <em>IP-Tables</em> plugin you can gather statistics from your [http://netfilter.org/projects/iptables/index.html ip_tables] based packet filter (aka. firewall). It can collect the byte- and packet-counters of selected rules and submit them to collectd. You can select rules that should be collected wither by its position (e. g. "the fourth rule in the "INPUT" queue in the filter table") or by its comment (using the "COMMENT" match). This means that depending on your firewall layout you can collect certain services (such as the amount of web-traffic), source or destination hosts or networks, dropped packets and much more.
 
With the <em>IP-Tables</em> plugin you can gather statistics from your [http://netfilter.org/projects/iptables/index.html ip_tables] based packet filter (aka. firewall). It can collect the byte- and packet-counters of selected rules and submit them to collectd. You can select rules that should be collected wither by its position (e. g. "the fourth rule in the "INPUT" queue in the filter table") or by its comment (using the "COMMENT" match). This means that depending on your firewall layout you can collect certain services (such as the amount of web-traffic), source or destination hosts or networks, dropped packets and much more.
Line 7: Line 8:
 
{{Generic Plugin|iptables}}
 
{{Generic Plugin|iptables}}
  
= Synopsis =
+
== Synopsis ==
  
 
  <Plugin "iptables">
 
  <Plugin "iptables">
Line 13: Line 14:
 
  </Plugin>
 
  </Plugin>
  
= Example graphs =
+
== Example graphs ==
  
 
[[Image:Plugin-iptables-bytes.png]]
 
[[Image:Plugin-iptables-bytes.png]]
 
[[Image:Plugin-iptables-packets.png]]
 
[[Image:Plugin-iptables-packets.png]]
  
= Dependencies =
+
== Dependencies ==
  
 
* Linux 2.4 or later with [http://netfilter.org/projects/iptables/index.html ip_tables]
 
* Linux 2.4 or later with [http://netfilter.org/projects/iptables/index.html ip_tables]

Revision as of 09:40, 4 March 2009

Template:List of Plugins

Description

With the IP-Tables plugin you can gather statistics from your ip_tables based packet filter (aka. firewall). It can collect the byte- and packet-counters of selected rules and submit them to collectd. You can select rules that should be collected wither by its position (e. g. "the fourth rule in the "INPUT" queue in the filter table") or by its comment (using the "COMMENT" match). This means that depending on your firewall layout you can collect certain services (such as the amount of web-traffic), source or destination hosts or networks, dropped packets and much more.

Of course this plugin uses libiptc and does not fork the iptables(8) application. This means that it is talking directly with the kernel and the overhead is as low as it gets.

This plugin is a generic plugin, i.e. it cannot work without configuration, because there is no reasonable default behavior. Please read the Plugin iptables section of the collectd.conf(5) manual page for an in-depth description of the plugin's configuration.

Synopsis

<Plugin "iptables">
  Chain "filter" "FORWARD"
</Plugin>

Example graphs

Plugin-iptables-bytes.png Plugin-iptables-packets.png

Dependencies