use ebtables to do statistics

use ebtables to do statistics

ebtables 

introduction

i implement the statistcs on AP with iptables, but it needs know each station ip, for bridge mode AP, it’s not good, so try to move statistics into ebtabls, using station’s mac to do trace.

ebtables description

Ethernet bridge frame table administration

ebtables usage

ebtables [-t table ] -[ACDI] chain rule specification [match extensions] [watcher extensions] target
ebtables [-t table ] -P chain ACCEPT | DROP | RETURN
ebtables [-t table ] -F [chain]
ebtables [-t table ] -Z [chain]
ebtables [-t table ] -L [-Z] [chain] [ [–Ln] | [–Lx] ] [–Lc] [–Lmac2]
ebtables [-t table ] -N chain [-P ACCEPT | DROP | RETURN]
ebtables [-t table ] -X [chain]
ebtables [-t table ] -E old-chain-name new-chain-name
ebtables [-t table ] --init-table
ebtables [-t table ] [–atomic-file file] --atomic-commit
ebtables [-t table ] [–atomic-file file] --atomic-init
ebtables [-t table ] [–atomic-file file] --atomic-save

chain and rule design

  1. $ ebtables -L FORWARD --Lx 
  2. ebtables -t filter -A FORWARD -j client_total_downlink_traf 
  3. ebtables -t filter -A FORWARD -j client_total_uplink_traf 
  4. ebtables -t filter -A FORWARD -j wan_downlink_traf 
  5. ebtables -t filter -A FORWARD -j wan_uplink_traf 
  6.  
  7. $ ebtables -L client_total_downlink_traf --Lx 
  8. ebtables -t filter -P client_total_downlink_traf RETURN 
  9. ebtables -t filter -A client_total_downlink_traf -d 9c:f3:87:70:56:aa -j total_downlink_traf 
  10. ebtables -t filter -A client_total_downlink_traf -d 70:14:a6:cd:8a:c2 -j total_downlink_traf 
  11. ebtables -t filter -A client_total_downlink_traf -d 2c:1f:23:95:dd:d0 -j total_downlink_traf 
  12.  
  13. $ ebtables -L wan_downlink_traf --Lx 
  14. ebtables -t filter -P wan_downlink_traf RETURN 
  15. ebtables -t filter -A wan_downlink_traf -p IPv4 --ip-src 192.168.0.0/16 -j RETURN  
  16. ebtables -t filter -A wan_downlink_traf -p IPv4 --ip-src 172.16.0.0/12 -j RETURN  
  17. ebtables -t filter -A wan_downlink_traf -p IPv4 --ip-src 10.0.0.0/8 -j RETURN  
  18. ebtables -t filter -A wan_downlink_traf -j client_wan_downlink_traf 
  19.  
  20. $ ebtables -L client_wan_downlink_traf --Lx 
  21. ebtables -t filter -P client_wan_downlink_traf RETURN 
  22. ebtables -t filter -A client_wan_downlink_traf -d 9c:f3:87:70:56:aa -j total_wan_downlink_traf 
  23. ebtables -t filter -A client_wan_downlink_traf -d 70:14:a6:cd:8a:c2 -j total_wan_downlink_traf 
  24. ebtables -t filter -A client_wan_downlink_traf -d 2c:1f:23:95:dd:d0 -j total_wan_downlink_traf 

Note

  1. ebtables doesn’t have -S option.
  2. ebtables -L --Lc --Lmac2 used to check the counter. especially --Lmac2 used to format mac output
  3. ebtables -L --Lx used to list the current rule. output likes:
  1. $ ebtables -L client_total_uplink_traf --Lx 
  2. ebtables -t filter -P client_total_uplink_traf RETURN 
  1. do not go through the following rules anymore, if the matched rule’s target is ACCEPT

2018-6-7 - nicephil@gmail.com

posted on 2018-06-08 21:39  nicephil  阅读(400)  评论(0编辑  收藏  举报

导航