Plugin:IPTables

From collectd Wiki
Revision as of 10:35, 16 February 2009 by Octo (talk | contribs) (Created initial page.)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Description

With the IP-Tables plugin you can gather statistics from your ip_tables based packet filter (aka. firewall). It can collect the byte- and packet-counters of selected rules and submit them to collectd. You can select rules that should be collected wither by its position (e. g. "the fourth rule in the "INPUT" queue in the filter table") or by its comment (using the "COMMENT" match). This means that depending on your firewall layout you can collect certain services (such as the amount of web-traffic), source or destination hosts or networks, dropped packets and much more.

Of course this plugin uses libiptc and does not fork the iptables(8) application. This means that it is talking directly with the kernel and the overhead is as low as it gets.

Synopsis

<Plugin "iptables">
  Chain "filter" "FORWARD"
</Plugin>

Example graphs

Plugin-iptables-bytes.png Plugin-iptables-packets.png

Dependencies