TOR traffic measurement with iptables
Julius Plenz
tor-or-talk at plenz.com
Thu Mar 23 13:01:28 UTC 2006
Hi!
I'm running a TOR server. To get an idea of how much traffic my server
produces, I use some custom shell scripts which use RRDtool to make
graphs. But in the traffic graph, I want to decide betwenn "regular"
traffic and TOR traffic.
For this I set up some iptables rules and parse the outputs from
`iptables -vnxL CHAIN'. This seems to work quite well for the output,
but I don't seem to get all the inbound traffic.
These are my rules:
# Input: 4321 = Tor, 4322 = Directory
iptables -A INPUT -i eth0 -p tcp --dport 4321 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 4322 -j ACCEPT
# Output: Answers to the requests and every else traffic Tor produces
# (running as userid 108)
iptables -A OUTPUT -p tcp --sport 4321 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 4322 -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner 108 -j ACCEPT
I'd appreciate every suggestion or hint. Thank you!
Julius
--
www.plenz.com
More information about the tor-talk
mailing list