Traffic Accounting (patch) [message #2532] |
Sun, 09 April 2006 03:14 |
Julian
Messages: 4 Registered: April 2006 Location: Darmstadt, Germany
|
Junior Member |
|
|
Hello,
today I played alot with openvz. It's really nice, but I needed a way to do traffic accounting on the VPSs.
There are two different ways to do it which can be looked up in this forum:
1. <do it with iptables>
I don't really like this solution, because it's higher administration effort and i don't have a VEID => traffic translation, but IP => traffic translation
2. <Use the script from Eric 'phpfreak' Rosebrock>
Might be nice, if you've got only trusted VPSs.
The script calls "X=`/usr/sbin/vzctl exec $i "grep venet0 /proc/net/dev"`" which means that "grep" is actually called from inside the VPS. An evil customer could just change his grep implementation and fool the whole accounting system.
I looked at the /proc/vz/* files and wondered why the statistic values of the venet devices had not been included in /proc/vz/vestat. I just added the RX and TX bytes field, so you can easily parse them on the master system.
A patch is attached to this post.
Please don't use this on a productive system. It works for me, but i haven't tested it enough. Perhaps it's breaking the one or other openvz tool.
Any feedback is highly appreciated.
Best regards,
Julian Haupt
-
Attachment: vecalls.diff
(Size: 3.27KB, Downloaded 558 times)
|
|
|