I'm trying to find a way to do traffic accounting for OpenVPN to build graphs with inside the webpage admin panel for OpenVPN. I have everything done, but I cannot get the iptables rules to work correctly. I tried following https://www.cyberciti.biz/faq/linux-configuring-ip-traffic-accounting/ and failed. Here is what I have, and what happens.
```
[root@vpn-01:~]# cat traf
iptables -N INET_OUT
iptables -N INET_IN
iptables -A FORWARD -j INET_IN
iptables -A FORWARD -j INET_OUT
iptables -A INPUT -j INET_IN
iptables -A OUTPUT -j INET_OUT
/sbin/iptables -A INET_IN -d 10.8.0.2
/sbin/iptables -A INET_OUT -s 10.8.0.2
/sbin/iptables -A INET_IN -d 10.8.0.3
/sbin/iptables -A INET_OUT -s 10.8.0.3
/sbin/iptables -L INET_IN -v -x -n
/sbin/iptables -L INET_OUT -v -x -n
[root@vpn-01:~]#
```
And the results of `iptables -L -v -x -n`:
```
[root@vpn-01:~]# iptables -L -v -x -n
Chain INPUT (policy ACCEPT 18610 packets, 990598 bytes)
pkts bytes target prot opt in out source destination
236 33488 f2b-sshd tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22
2321179 121098434 INET_IN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
170 25554 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- tun+ venet0 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
152 20536 ACCEPT all -- venet0 tun+ 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 INET_IN all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 INET_OUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 47225 packets, 68689096 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * tun+ 0.0.0.0/0 0.0.0.0/0
5662908 8196501864 INET_OUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain INET_IN (2 references)
pkts bytes target prot opt in out source destination
0 0 all -- * * 0.0.0.0/0 10.8.0.2
0 0 all -- * * 0.0.0.0/0 10.8.0.3
Chain INET_OUT (2 references)
pkts bytes target prot opt in out source destination
0 0 all -- * * 10.8.0.2 0.0.0.0/0
0 0 all -- * * 10.8.0.3 0.0.0.0/0
Chain f2b-sshd (1 references)
pkts bytes target prot opt in out source destination
21 1756 REJECT all -- * * 61.177.172.158 0.0.0.0/0 reject-with icmp-port-unreachable
17 1232 REJECT all -- * * 61.177.172.128 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all -- * * 222.186.173.154 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all -- * * 222.186.180.223 0.0.0.0/0 reject-with icmp-port-unreachable
164 28132 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
[root@vpn-01:~]#
```
Not sure what I missed or misconfigured. Any help would be greatly appreciated. Thanks in advance!!