Utilize iptables to monitor traffic (by port|ip)

# iptables -A INPUT -s 10.0.0.1
# iptables -A OUTPUT -d 10.0.0.1
# iptables -vnL
Chain INPUT (policy ACCEPT 7967 packets, 4273K bytes)
 pkts bytes target     prot opt in     out     source               destination
16572 4535K            all  --  *      *       10.0.0.1             0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
Chain OUTPUT (policy ACCEPT 8562 packets, 6767K bytes)
 pkts bytes target     prot opt in     out     source               destination
 2823 2974K            all  --  *      *       0.0.0.0/0            10.0.0.1
# iptables -A INPUT -p tcp --dport 12000
# iptables -A OUTPUT -p tcp --sport 12000
# iptables -vnL
Chain INPUT (policy ACCEPT 9806 packets, 5038K bytes)
 pkts bytes target     prot opt in     out     source               destination
 669K  184M            all  --  *      *       10.0.0.1             0.0.0.0/0
   50  3640            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:12000
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
Chain OUTPUT (policy ACCEPT 10285 packets, 7196K bytes)
 pkts bytes target     prot opt in     out     source               destination
 665K  687M            all  --  *      *       0.0.0.0/0            10.0.0.1
   10  1288            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp spt:12000

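Rules can be combined freely using the normal iptables rule syntax. Because the rules above have no -j target, they only count matching packets and do not change how those packets are handled. To record traffic for a specific period, use crontab to export the output of iptables -vnL, delete the counting rule with iptables -D, and then add it again.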
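The periodic export described above, as an added sketch that is not part of the original post. It assumes a hypothetical log path, and it resets with `iptables -Z` (which zeroes every counter in the filter table) rather than deleting and re-adding the rules; `parse_counters` and `snapshot_and_reset` are names made up here.

```shell
#!/bin/sh
# parse_counters: read `iptables -vnL` or `-vnxL` output on stdin and print one
# CSV line per count-only (target-less) rule:
#   chain,packets,bytes,proto,source,destination,match
parse_counters() {
    awk '
    # iptables abbreviates large counters with decimal suffixes
    function expand(v,    n, s) {
        n = v + 0; s = substr(v, length(v))
        if (s == "K") return n * 1000
        if (s == "M") return n * 1000000
        if (s == "G") return n * 1000000000
        if (s == "T") return n * 1000000000000
        return n
    }
    $1 == "Chain" { chain = $2; next }
    $1 == "pkts"  { next }
    # Without a target the opt column (--) is field 4 instead of field 5
    NF >= 8 && $4 == "--" {
        m = ""
        for (i = 9; i <= NF; i++) m = m (i > 9 ? " " : "") $i
        printf "%s,%.0f,%.0f,%s,%s,%s,%s\n", chain, expand($1), expand($2), $3, $7, $8, m
    }'
}

# For cron, as root: append a timestamped snapshot, then start a new interval.
# -x prints exact counters; -Z given with -L zeroes them right after listing.
snapshot_and_reset() {
    log=${1:-/var/log/iptables-acct.csv}    # hypothetical log path
    ts=$(date -u +%Y-%m-%dT%H:%M:%SZ)
    iptables -L -v -n -x -Z | parse_counters | sed "s/^/$ts,/" >> "$log"
}

# Sample: rows from the listing above plus one constructed ACCEPT rule.
demo() {
    parse_counters <<'EOF'
Chain INPUT (policy ACCEPT 9806 packets, 5038K bytes)
 pkts bytes target     prot opt in     out     source               destination
  669K  184M            all  --  *      *       10.0.0.1             0.0.0.0/0
   50  3640            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:12000
    7   420 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0
Chain OUTPUT (policy ACCEPT 10285 packets, 7196K bytes)
   10  1288            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp spt:12000
EOF
}
case "${1:-}" in
    --cron) snapshot_and_reset "${2:-}" ;;
    --demo) demo ;;
esac
```

Abbreviated values such as 669K are rounded by iptables, so the expanded figures are approximate; the cron path uses -x to log exact counts.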
