BigOfficeNetFlow

出自金門農工維基館
跳轉到: 導覽搜尋

目錄

20160119大辦公室三天累積總流量


[root@tree ~]# cat forwardF
#!/bin/sh
#http://horace1123.pixnet.net/blog/post/25307796-iptables%E7%AF%84%E4%BE%8B
iptables -P FORWARD DROP
iptables -I FORWARD -o em1 -s 10.2.2.0/24 -j ACCEPT
iptables -A FORWARD -i em1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -o em1 -j LOG --log-prefix=natdeny
#iptables -I FORWARD -o em1 -p tcp --dport 80 -s 10.2.2.0/24 -j ACCEPT
#iptables -I FORWARD -o eth0 -s 10.2.2.40 -j ACCEPT
#iptables -I FORWARD -o em1 -p tcp --dport 80 -j ACCEPT
[root@tree ~]# netstat -s
Ip:
    16037339 total packets received
    39 with invalid headers
    14869133 forwarded
    0 incoming packets discarded
    1080200 incoming packets delivered
    14889199 requests sent out
    12 fragments dropped after timeout
    40 reassemblies required
    14 packets reassembled ok
    12 packet reassembles failed
    14 fragments received ok
    28 fragments created
Icmp:
    159 ICMP messages received
    98 input ICMP message failed.
    ICMP input histogram:
        destination unreachable: 16
        echo requests: 133
        echo replies: 10
    8902 ICMP messages sent
    0 ICMP messages failed
    ICMP output histogram:
        destination unreachable: 8800
        time exceeded: 39
        echo request: 28
        echo replies: 35
IcmpMsg:
        InType0: 10
        InType3: 16
        InType8: 133
        OutType0: 35
        OutType3: 8800
        OutType8: 28
        OutType11: 39
Tcp:
    18 active connections openings
    16 passive connection openings
    0 failed connection attempts
    0 connection resets received
    1 connections established
    129203 segments received
    11476 segments send out
    13 segments retransmited
    0 bad segments received.
    300 resets sent
Udp:
    16966 packets received
    3490 packets to unknown port received.
    0 packet receive errors
    195 packets sent
    0 receive buffer errors
    0 send buffer errors
UdpLite:
TcpExt:
    21 TCP sockets finished time wait in fast timer
    183 delayed acks sent
    10 packets directly queued to recvmsg prequeue.
    6 bytes directly received in process context from prequeue
    2388 packet headers predicted
    3845 acknowledgments not containing data payload received
    2335 predicted acknowledgments
    1 congestion windows recovered without slow start after partial ack
    1 other TCP timeouts
    TCPLossProbes: 12
    TCPLossProbeRecovery: 11
    38 DSACKs sent for old packets
    12 DSACKs received
    1 connections reset due to unexpected data
    TCPDSACKIgnoredNoUndo: 12
    IPReversePathFilter: 851
    TCPRcvCoalesce: 136
    TCPOFOQueue: 68
    TCPAutoCorking: 1472
    TCPSynRetrans: 1
    TCPOrigDataSent: 10359
IpExt:
    InMcastPkts: 17183
    OutMcastPkts: 59
    InBcastPkts: 930121
    InOctets: 14134975458
    OutOctets: 27922346674
    InMcastOctets: 3371893
    OutMcastOctets: 8264
    InBcastOctets: 128455971
    InNoECTPkts: 20102048
[root@tree ~]#


[root@tree ~]# iptables -L -nvx -t mangle
Chain PREROUTING (policy ACCEPT 14376302 packets, 13006661675 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain INPUT (policy ACCEPT 531064 packets, 61968345 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 13797809 packets, 12940973269 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 17823 packets, 3951937 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 13811067 packets, 12944504963 bytes)
    pkts      bytes target     prot opt in     out     source               destination
[root@tree ~]# date
Tue Jan 19 13:11:07 CST 2016
[root@tree ~]#

20160112大辦公室一天累積總流量

[root@localhost ~]# iptables -L -nv
Chain INPUT (policy ACCEPT 297K packets, 31M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 7454K packets, 5772M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 51882 packets, 17M bytes)
 pkts bytes target     prot opt in     out     source               destination

20160111大辦公室一天累積總流量

20160111大辦公室一天累積總流量
[root@localhost ~]# iptables -L -nvx
Chain INPUT (policy ACCEPT 236995 packets, 34585652 bytes)
    pkts      bytes target     prot opt in     out     source               destination    

Chain FORWARD (policy ACCEPT 3011245 packets, 2337424427 bytes)
    pkts      bytes target     prot opt in     out     source               destination    

Chain OUTPUT (policy ACCEPT 5327 packets, 706570 bytes)
    pkts      bytes target     prot opt in     out     source               destination    

20160106_20151229大辦公室多日累積總流量

[root@localhost ipt-netflow-2.1]# iptables -L -nvx
Chain INPUT (policy ACCEPT 1421088 packets, 174636294 bytes)
    pkts      bytes target     prot opt in     out     source               destination    

Chain FORWARD (policy ACCEPT 31905361 packets, 23644993472 bytes)
    pkts      bytes target     prot opt in     out     source               destination    

Chain OUTPUT (policy ACCEPT 38696 packets, 6078227 bytes)
    pkts      bytes target     prot opt in     out     source               destination    
[root@localhost ipt-netflow-2.1]#
個人工具
名字空間

變換
動作
導覽
工具箱