Hello everybody,
i have a customer, who uses opensuse as firewall before the gateway (adress of the firewall is: 192.168.1.19, gateway is 192.168.1.1.).
we have a - sometimes - slow internet connection. we suspect that the windows clients and their updates are the problem.
i would like to monitor the outgoing traffice to get statistics about the top 10 connections with consumed data.
is there any possibility to get aggregated logs for every day? or do i have to set up a rule first to log the outgoing data to the gateway?
as i have learned (i am no linux guru), i should save the iptable-rules to have them after a reboot.
dear community, do have a hint for me how to this via command line?
If you didn’t want or need things built for you, you could probably modify iptables rules to log, once you’ve generated a log, you can manipulate in any way, eg sort for greatest occurences, graph, more. There are a multitude of tools that can consume log data and display in a graph which I’ve used to display apache data (all likely can be adapted to other log formats)