[bf1942] Low Impact Bandwidth Usage
ScratchMonkey
ScratchMonkey at SewingWitch.com
Sat Nov 29 20:53:06 EST 2003
--On Thursday, November 27, 2003 08:13:18 AM -0500 Dennis Gardner
<dman at lanhouse.ca> wrote:
> Someone mentioned ipac-ng a while back on this list. I tried it and liked
> it. It may not work for you as it ties into firewall rules and counts
> bytes per rule. Because iptables/ipchains looks at every packet coming in
> anyway, there is little overhead (There is a poll of the rules though)
> assuming you are using one of them in the first place. Setting it up can
> be difficult and it is sensitive to time changes time changes.
Most of the other solutions use libpcap, which installs packet monitors in
the packet path before they reach the iptables filters. iptables may use
less overhead since the filter hit doesn't result in an immediate call up
into userspace. Instead, a userspace program periodically polls the filter
to read its counter. Normally polling is a bad thing in event-driven
systems, but in this case if the polling is infrequent compared to the
event, it uses far less CPU at a slight cost in precision.
More information about the Bf1942
mailing list