Graphing number of references to iptables chain

Allan allan at zandahar.net
Wed Sep 5 07:37:09 CEST 2007


Hi all,

Just wondering if anyone has done or has seen a way of being able to 
graph the number of references to an iptables chain?

We have a script on our mailserver that scans the logs for IPs in 
DNSBLs or that issue pregreeting commands and then adds them to the 
firewall and drops the packets. We end up with a 'flt-smtp' chain that 
lists all the IP addys it found; if they match it then calls another 
chain 'spammer' which logs the attempt and drops/rejects the packet.

This ends up with a few hundred to a few thousand IPs blocked every 
month, with the # being the number of references to the spammer chain. 
'iptables -L spammer' currently returns, for example:

# iptables -L spammer
Chain spammer (2269 references)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere            LOG level debug prefix `Spammer: '
DROP       all  --  anywhere             anywhere


Unfortunately I have zero skills when it comes to rrd and the like so 
I'm looking for something similar I can change to suit or for someone to 
be really generous and help me out.

The script I'm using is over at 
http://www.impsec.org/~jhardin/antispam/spammer-firewall

Cheers

Allan
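An added example, not Allan's script and not taken from the spammer-firewall page: a small Xymon client extension that parses the "(N references)" header of `iptables -L CHAIN` and reports N as an NCV (name: value) line, which is what the Xymon server graphs without any RRD work on the client. It assumes the usual Xymon client variables XYMON, XYMSRV and MACHINE are set when run under the client; the test name "ipt" and the column name "<chain>_refs" are my own choice.

```shell
#!/bin/sh
# Added example (not Allan's script): read the "(N references)" header that
# `iptables -L CHAIN` prints, and report N as a Xymon NCV line so the server
# can graph it. Assumes the Xymon client variables XYMON, XYMSRV and MACHINE
# when run as a client extension; the test name "ipt" and the column name
# "<chain>_refs" are assumptions, not Xymon conventions.

# Constructed sample, shaped like the output quoted in the post (not live data).
sample_output() {
    cat <<'EOF'
Chain spammer (2269 references)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere            LOG level debug prefix `Spammer: '
DROP       all  --  anywhere             anywhere
EOF
}

# chain_refs CHAIN: read `iptables -L` output on stdin and print N from the
# "Chain CHAIN (N references)" header; fail (return 1) if no header is present.
chain_refs() {
    refs=$(sed -n "s/^Chain $1 (\([0-9][0-9]*\) references)\$/\1/p" | head -n 1)
    [ -n "$refs" ] || return 1
    printf '%s\n' "$refs"
}

# ncv_line CHAIN N: one NCV ("name: value") line, e.g. "spammer_refs: 2269".
ncv_line() {
    printf '%s_refs: %s\n' "$1" "$2"
}

# report_chain CHAIN: query the live chain and send a "status" message to Xymon.
# A missing chain is reported as 0 references and flagged yellow rather than
# silently skipped, so a broken firewall script shows up in the graph and status.
report_chain() {
    if n=$(iptables -L "$1" -n 2>/dev/null | chain_refs "$1"); then
        color=green; note="chain $1 present"
    else
        n=0; color=yellow; note="chain $1 not found"
    fi
    msg="status $MACHINE.ipt $color $(date) $note
$(ncv_line "$1" "$n")"
    if [ -n "$XYMON" ]; then
        "$XYMON" "$XYMSRV" "$msg"     # under the Xymon client: send it
    else
        printf '%s\n' "$msg"           # stand-alone: just print it
    fi
}
```

On the server side the "ipt" test still has to be mapped to the NCV graph module (a TEST2RRD entry and an NCV_ipt definition naming spammer_refs as a GAUGE in the server config) before the value is actually graphed.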


