Firewall – Track torrent traffic in shorewall

accountingfirewallshorewalltorrenttraffic

I use shorewall to configure my firewall. Is there anyway to track torrent traffic using shorewall accounting?

Best Answer

You can force the packets for your torrent traffic to the logs by enacting a LOG rule on it, just before the ACCEPT rule for it. For example, if your torrent traffic is on port 5555 you could write:

#ACTION         SOURCE          DEST            PROTO   DEST    SOURCE
#                                                       PORT

LOG             out-zone        in-zone         tcp     5555
ACCEPT          out-zone        in-zone         tcp     5555

These packets will be logged to your /var/log/messages by default. Then you can use an analysis tool to visualize this data. I have not used it myself, but after some cursory research the IPTables log analyzer seems to be a solution.

Related Topic