>/usr/local/etc/naccttab в студию! или где оно у вас лежит? database mysql # "mysql" or "file"
# choose to write in mysql or in
# /var/log/net-acct
# now it works :)
mysql_user acct # usually you don't need to change this
mysql_password heenrootheen1364 # change this to your password
mysql_host localhost # sometimes you need to change this to
# 127.0.0.1 instead of localhost
mysql_database netacct # usually you don't need to change this
mysql_table traffic # table name
pidfile /var/run/nacctd.pid # set pid file
# tis will help if you want to
# two (or more) nacctd on same machine
compactnet 192.168.202.0 255.255.255.0
compactnet 81.26.140.174 255.255.255.248
# log only summary day trafic for this network
# patch by Boril
flush 300 # flush every 5 minutes
# this gives the interval in seconds
# when the accumulated data is flushed
# to the output file
fdelay 60 # this defines after how many seconds
# of inactivity a certain record of
# traffic information may be written out
# this helps making the logfiles smaller
# since only one output record will be
# generated for related traffic
file /var/log/net-acct # defines output file
# this is the regular output file of
# the daemon
dumpfile /var/log/net-acct-dump # defines dump file
# this is used to dump the not yet
# written information so this is not
# lost should the machine crash
# on startup an eventuelly existing
# file of this name will be moved
# to *.o
notdev eth0 # Dont log entries for this device
# Use this on routers that you dont
# log forwarded packets twice.
device eth1 # device to put into promiscous mode
# you can specify as many as you want
# and you don't have to specify one
# (e.g. if this runs on your router)
#
# if you plan to use it on some *BSD
# system put here apropriate device
# i.e. - device ep0
# iflimit eth0 # on machines with multiple interfaces,
# log only packets on this interface
# mutually exclusive with hostlimit
ignoremask 255.255.255.0 # Ignore traffic on same class C net
# This means traffic that is on
# your local LAN is not counted.
# This is useful for NFS etc.
# Not giving this option causes everything
# to be counted.
# This can degrade performance seriously!
ignorenet 127.0.0.0 255.0.0.0 # ignore loopback net
# You can define as many ignorenets as
# you want. Ignoring a net with
# ignorenet is not as efficient as
# ignoremask. Thus you should exclude
# your local network with ignoremask,
# not with ignorenet (although this is
# is possible).
# masqif 192.168.72.141 # if compiled with -DREMAP_MASQUERADE:
# ipnumber you are masquerading as,
# this remaps ip/port for incoming
# connections (e.g. ftp-data) to ip/port
# of the masqueraded destination
debug 2 # set debugging level
debugfile /tmp/nacctd.debug # where to put debugging info
# Device configuration
# Defines where the real data starts for each type of interface
# First give the name prefix, then the offset in bytes to the start
# of the real data, then the offset of the type field in bytes. If
# there is no type field, just give a 0.
# Don't specify SLIP or PPP devices here, otherwise association of
# dynamic ip-addresses with usernames won't work
# Put device types with more traffic last.
headers tr 40 38
headers lo 14 12
headers isdn 4 0
# headers isdn 14 0 # for hdlc/trans/cisco and hdlc/trans/raw
headers eth 14 12
headers plip 14 12
# For dynamic slip/ppp
dynamicip /var/run # where files for dynamic ip are stored
dynamicnet 202.36.94.0 255.255.255.0 # on which network are all the
# dynamically assigned adresses
exclude-name-lookup 202.36.94.1 255.255.255.255
exclude-name-lookup 202.36.94.253 255.255.255.255
# hostlimit 12.34.56.78 # log only packets to/from this host
# hostlimit 34.56.78.12 # and this one too
# this option is mutually exclusive with iflimit
# For disabling certain fields
# This is commented out by default
# Field 7 is disabled by default so we match the old (pre 0.5) output format
# Now everything is disableb by default and it works ... if you disable
# src_ip address it will write empty cell in mysql or data_size it will
# write 0 in mysql
#
# disable 2 # disable output of protocol
# disable 3 # disable output of source address
# disable 4 # disable output of source port
# disable 5 # disable output of destination address
# disable 6 # disable output of destination port
# disable 7 # disable output of packets count
# disable 8 # disable output of byte count
# disable 9 # disable output of device name
# disable 10 # disable output of user name
# disable 11 # disable output of duration
# disable 12 # disable output of peering flag
# For excluding certain hosts from ignoring
# This can be useful for a kludgy way to account for proxy traffic, you'd then
# add your proxy server here.
# I guess I should consider using some filter language...
# This is commented out by default
# This does not affect addresses excluded by ignoremask,
# as this would impose too much of a performance penalty
# dontignore 127.3.4.5 255.255.255.255 # Don't ignore host 127.3.4.5,
# although it would be excluded by
# above ignorenet statement
# line sl0 ttyS0 # One way to
# assign traffic to a user is if both
# of the following conditions meet:
# a) nacctd runs on the ppp/slip server
# b) the relation between network interface
# (e.g. sl0, ppp1) and serial line (e.g.
# ttyS1) is fixed.
# You can give as many line statements
# as you want
# There is a better way now, so this is
# commented out