The nfacct match provides the extended accounting infrastructure for iptables.
You have to use this match together with the standalone user-space utility
.B nfacct(8)
.PP
The only option available for this match is the following:
.TP
\fB\-\-nfacct\-name\fP \fIname\fP
This allows you to specify the existing object name that will be used for
accounting the traffic that this rule-set is matching.
.PP
To use this extension, you have to create an accounting object:
.IP
nfacct add http\-traffic
.PP
Then, you have to attach rules to the accounting object via iptables:
.IP
iptables \-I INPUT \-p tcp \-\-sport 80 \-m nfacct \-\-nfacct\-name http\-traffic
.IP
iptables \-I OUTPUT \-p tcp \-\-dport 80 \-m nfacct \-\-nfacct\-name http\-traffic
.PP
Then, you can check for the amount of traffic that the rules match:
.IP
nfacct get http\-traffic
.IP
{ pkts = 00000000000000000156, bytes = 00000000000000151786 } = http-traffic;
.PP
You can obtain
.B nfacct(8)
from http://www.netfilter.org or, alternatively, from the git.netfilter.org
repository.
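.PP
The following is an added example, not part of the original manual page or of the nfacct project: a shell sketch that parses the counter line format shown above for nfacct get and reports objects whose byte counter exceeds a limit. The function names parse_nfacct and over_limit, the dns\-traffic object and the sample text are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the format shown for "nfacct get"; the first line is
# the man page's example, the second is made up for this demonstration.
SAMPLE_OUTPUT='{ pkts = 00000000000000000156, bytes = 00000000000000151786 } = http-traffic;
{ pkts = 00000000000000000000, bytes = 00000000000000000000 } = dns-traffic;'

# parse_nfacct (hypothetical helper): read counter lines on stdin and print
# "name pkts bytes" with the zero padding removed. Lines that do not match the
# expected layout are reported on stderr and skipped, so a changed or
# truncated output never yields silently wrong numbers.
parse_nfacct() {
    awk '
    /^[ \t]*$/ { next }
    !/^[ \t]*[{] pkts = [0-9]+, bytes = [0-9]+ [}] = [^; \t]+;[ \t]*$/ {
        print "skipping malformed line: " $0 > "/dev/stderr"
        next
    }
    {
        # Whitespace fields: { pkts = N, bytes = M } = name;
        pkts = $4;  sub(/,$/, "", pkts)
        bytes = $7
        name = $10; sub(/;$/, "", name)
        # Counters are 20 digits wide and can exceed what awk holds exactly
        # as a number, so they are kept as strings throughout.
        sub(/^0+/, "", pkts);  if (pkts == "")  pkts = "0"
        sub(/^0+/, "", bytes); if (bytes == "") bytes = "0"
        print name, pkts, bytes
    }'
}

# over_limit LIMIT (hypothetical helper): read "name pkts bytes" lines and
# print the names whose byte counter is strictly greater than LIMIT.
# LIMIT must be a decimal integer without leading zeros.
over_limit() {
    awk -v limit="$1" '
    # Compare unpadded decimal strings: the longer one is larger, and
    # equal-length strings compare correctly character by character.
    function gt(a, b) {
        if (length(a) != length(b)) return length(a) > length(b)
        return (a "") > (b "")
    }
    gt($3, limit) { print $1 }'
}

# Demo on the constructed sample: prints "http-traffic".
printf '%s\n' "$SAMPLE_OUTPUT" | parse_nfacct | over_limit 100000
```

On a live system the sample text would be replaced by the output of the nfacct command itself.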