[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: TOR traffic measurement with iptables



* Julius Plenz (tor-or-talk@xxxxxxxxx) wrote:
> Hi!
> 
> I'm running a TOR server. To get an idea of how much traffic my server
> produces, I use some custom shell scripts which use RRDtool to make
> graphs. But in the traffic graph, I want to decide betwenn "regular"
> traffic and TOR traffic.
> 
> For this I set up some iptables rules and parse the outputs from
> `iptables -vnxL CHAIN'. This seems to work quite well for the output,
> but I don't seem to get all the inbound traffic.
> 
> These are my rules:
> 
> # Input: 4321 = Tor, 4322 = Directory
> iptables -A INPUT -i eth0 -p tcp --dport 4321 -j ACCEPT
> iptables -A INPUT -i eth0 -p tcp --dport 4322 -j ACCEPT
> 
> # Output: Answers to the requests and every else traffic Tor produces
> # (running as userid 108)
> iptables -A OUTPUT -p tcp --sport 4321 -j ACCEPT
> iptables -A OUTPUT -p tcp --sport 4322 -j ACCEPT
> iptables -A OUTPUT -m owner --uid-owner 108 -j ACCEPT
> 
> I'd appreciate every suggestion or hint. Thank you!

Hi Julius

I gave up on this since they are so many servers using custom tor ports so
results are unreliable.  I choose to measure traffic directly from
/var/lib/tor/bw_accounting.  I already made a pearl script doing this if
you're interested (uses RRD too).

> 
> Julius
> 
> -- 
> www.plenz.com