I am trying to reduce internet bandwidth consumption. I have installed squid as a transparent proxy server and it is currently getting all traffic from port 80. I am using the proxy_stats.gawk utility to generate reports. I am still only logging 1/4 of the traffic the ISP actually reports. Can i get all traffic on all other ports to go though the proxy as well. i.e. VOIP... How can i Achieve this?
Add a comment |
1 Answer
There are several things you can do. If you've set it up transparently, and you're really only looking for reporting, you can get iptables to log connections. That way you can meter bandwidth.
I reccomend setting up similar to this: http://www.cyberciti.biz/faq/linux-configuring-ip-traffic-accounting/
If you want to do more than report on bandwidth usage, that's a wholly different story. You'd need targeted application level proxies.
- I already have some iptable entries for the transparent configuration of the proxy. Do you think these might cause a conflict with the IP accounting you mentioned?Yves Richard– Yves Richard2012-03-01 23:56:45 +00:00Commented Mar 1, 2012 at 23:56
- My original solution to blocking these ports was to use Ubuntu's ufw util. As soon as I enable it though the proxy stops functioning properly. I am wondering if again the enabling somehow overwrites or conflicts with the original iptables entries. (the entries which actually do the transparent proxy)Yves Richard– Yves Richard2012-03-02 00:00:04 +00:00Commented Mar 2, 2012 at 0:00
- I ended up using iptables directly instead of using ufw. Seems like ufw by default creates a catch-all which i didn't need in my case. sudo iptables -A INPUT -j DROP -p tcp --destination-port 5223 -i eth1Yves Richard– Yves Richard2012-03-02 05:21:02 +00:00Commented Mar 2, 2012 at 5:21
- I really like the IP accounting approach. What happens if i don't really know which ports i want to monitor. I am after a list of all protocol/port with bandwidth consumed. Any ideas?Yves Richard– Yves Richard2012-03-02 05:22:40 +00:00Commented Mar 2, 2012 at 5:22
- I'd start off by blocking everything except what you know you need. Its a lot more secure to allow only ports you know you need, and add others as you discover.Steve Butler– Steve Butler2012-03-02 07:31:51 +00:00Commented Mar 2, 2012 at 7:31