[Swan] bandwidth usage
Paul Wouters
paul at nohats.ca
Thu Mar 20 20:07:37 EET 2014
On Thu, 20 Mar 2014, Bob Miller wrote:
>> I see the RX packets and TX packets counters increase on the interface.
>
> Just in case you are referring to something I don't know about, you mean
> the stats found at
>
> /sys/class/net/eth*/statistics/{rx_bytes,tx_bytes}
I used "ifconfig" bu I assume so yes :)
>> # ipsec status |grep Traffic
>> 000 #2: "redhat" esp.dfcbec65 at 66.187.233.55 esp.1667cfb4 at 76.10.157.69 tun.0 at 66.187.233.55 tun.0 at 76.10.157.69 ref=0 refhim=4294901761 Traffic: ESPin=92KB ESPout=1MB! ESPmax=4194303B XAUTHuser=pwouters
>
> This is interesting. Is this data stored somewhere in /proc or /sys
> such that I can query it regularly?
I don't know. If so, it would be in "ip xfrm policy" or "ip xfrm state"
with some additional verbosity options (and a lack of documentation :)
> Can any more information besides
> direction of the traffic be figured out (ie dst for LAN vs dst for web)?
> or am I still having to rely on iptables to track that level of detail?
No, but you could setup separate tunnels per port, eg:
conn port80
leftprotoport=tcp/80
rightprotoport=tcp
also=baseconn
conn port443
leftprotoport=tcp/443
rightprotoport=tcp
also=baseconn
conn baseconn
yourregularstuffhere
Paul
More information about the Swan
mailing list