Network Statistics with iptables and rrdtool

Netfilter is a powerful tool when it comes to select traffic on a Linux router.

When you set up a chain of rules with iptables, you are also get set of traffic counters with each rule you set, which can be used to see how many times the rule have matched.

If you place a chain of rules without any jump, the packet get counted and goes forward the chain, so that you can write a set of rules just to get some statistic of selected pattern of traffic in your network.

In this post I’ll show how to write some simple rule, get the data on a rrdtool database and plot a traffic graphic out of it.

Read more of this post