стоит slackware 9, netacct-mysql 0.78. два интерфейса - eth1 - локалка, eth2 - внешняя сеть.
настройки iptables:IPTABLES="/usr/sbin/iptables"
INET_IP="195.206.х.х"
INET_IFACE="eth2"
$IPTABLES -t nat -A POSTROUTING -o $INET_IFACE -j SNAT --to-source $INET_IPпроблема - как учитывать трафик с внутренних ай-пи адресов?? так как происходит трансляция, то в src поле стоит ай-пи-адрес eth2.
лог отладки:
11/05 09:49:30 [STATE] analyzis for src 195.206.х.х, dst 192.168.3.23, src_flg -111/05 09:49:30 [STATE] , peer_flg 0
11/05 09:49:32 [STATE] analyzis for src 192.168.3.167, dst 195.206.х.х, src_flg 111/05 09:49:32 [STATE] , peer_flg 0
11/05 09:49:32 [STATE] analyzis for src 195.206.х.х, dst 192.168.3.167, src_flg -111/05 09:49:32 [STATE] , peer_flg 0
11/05 09:49:33 [STATE] analyzis for src 195.206.х.х, dst 192.168.3.167, src_flg -111/05 09:49:33 [STATE] , peer_flg 0
11/05 09:49:33 [STATE] analyzis for src 195.206.х.х, dst 192.168.3.167, src_flg -111/05 09:49:33 [STATE] , peer_flg 0
конфиг netacct:compactnet 192.168.3.0 255.255.255.0
# log traffic only for these networks
# all other packets are NOT logged#ournet 62.73.77.0 255.255.255.0
ournet 192.168.3.0 255.255.255.0
# Ours IP nets for diferenciation of
# peering traffic types#direct_peer 217.75.132.0 255.255.255.0
#direct_peer 62.176.90.0 255.255.255.0
#direct_peer 212.72.212.0 255.255.255.0
#direct_peer 217.75.136.0 255.255.255.0
#direct_peer 194.12.226.80 255.255.255.240
#direct_peer 194.12.233.96 255.255.255.224
#direct_peer 194.12.233.160 255.255.255.224
direct_peer 1.1.1.1 255.255.255.255
# log traffic between 2 or more regional ISP-sflush 300 # flush every 5 minutes
# this gives the interval in seconds
# when the accumulated data is flushed
# to the output fileerrdelay 2
fdelay 60notdev eth2 # Dont log entries for this device
# Use this on routers that you dont
# log forwarded packets twice.device eth1 # device to put into promiscous mode
# you can specify as many as you want
# and you don't have to specify one
# (e.g. if this runs on your router)
#
# if you plan to use it on some *BSD
# system put here apropriate device
# i.e. - device ep0iflimit eth1 # on machines with multiple interfaces,
# log only packets on this interface
# mutually exclusive with hostlimitignoremask 255.255.255.0 # Ignore traffic on same class C net
# This means traffic that is on
# your local LAN is not counted.
# This is useful for NFS etc.
# Not giving this option causes everything
# to be counted.
# This can degrade performance seriously!ignorenet 127.0.0.0 255.0.0.0 # ignore loopback net
# You can define as many ignorenets as
# you want. Ignoring a net with
# ignorenet is not as efficient as
# ignoremask. Thus you should exclude
# your local network with ignoremask,
# not with ignorenet (although this is
# is possible).debug 4 # set debugging level
debugfile /tmp/nacctd.debug # where to put debugging info
?? нет решения?