[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

TOR traffic measurement with iptables


I'm running a TOR server. To get an idea of how much traffic my server
produces, I use some custom shell scripts which use RRDtool to make
graphs. But in the traffic graph, I want to decide betwenn "regular"
traffic and TOR traffic.

For this I set up some iptables rules and parse the outputs from
`iptables -vnxL CHAIN'. This seems to work quite well for the output,
but I don't seem to get all the inbound traffic.

These are my rules:

# Input: 4321 = Tor, 4322 = Directory
iptables -A INPUT -i eth0 -p tcp --dport 4321 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 4322 -j ACCEPT

# Output: Answers to the requests and every else traffic Tor produces
# (running as userid 108)
iptables -A OUTPUT -p tcp --sport 4321 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 4322 -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner 108 -j ACCEPT

I'd appreciate every suggestion or hint. Thank you!