IP accounting for business
commercial Internet service, it is becoming increasingly important to know how much data you are transmitting and receiving on your network connections. If you are an Internet Service Provider and you charge your customers by volume, this will be essential to your business. If you are a customer of an Internet Service Provider that charges by data volume, you will find it useful to collect your own data to ensure the accuracy of your Internet charges.
There are other uses for network accounting that have nothing to do with dollars and bills. If you manage a server that offers a number of different types of network services, it might be useful to you to know exactly how much data is being generated by each one. This sort of information could assist you in making decisions, such as what hardware to buy or how many servers to run.
The Linux kernel provides a facility that allows you to collect all sorts of useful information about the network traffic
The Linux IP accounting feature is very closely related to the Linux firewall software. The places you want to collect accounting data are the same places that you would be interested in performing firewall filtering: into and out of a network host and in the software that does the routing of packets.
Configuring IP Accounting
IP accounting is closely related to IP firewall, the same tool was designated to configure it, so the iptables command is used to configure IP accounting. The command syntax is very similar to that of the firewall rules, so we won’t focus on it, but we will discuss what you can discover about the nature of your network traffic using this feature.
The iptables command allows you to specify direction in a manner consistent with the firewall rules.
The commands are much the same as firewall rules, except that the policy rules do not apply here. We can add, insert, delete, and list accounting rules. In the case of ipchains and iptables, all valid rules are accounting rules, and any command that doesn’t specify the -j option performs accounting only.
The rule specification parameters for IP accounting are the same as those used for IP firewalls. These are what we use to define precisely what network traffic we wish to count and total.