{"id":478,"date":"2010-02-09T11:55:19","date_gmt":"2010-02-09T09:55:19","guid":{"rendered":"http:\/\/www.netexpertise.eu\/fr\/?p=478"},"modified":"2021-10-11T21:31:57","modified_gmt":"2021-10-11T20:31:57","slug":"stats-reseau-avec-iptables","status":"publish","type":"post","link":"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html","title":{"rendered":"Afficher les Stats R\u00e9seau sur Linux avec IPtables"},"content":{"rendered":"\n<p>Comme tout bon firewall, <a href=\"\/fr\/tag\/iptables\">iptables<\/a> est aussi capable d&rsquo;afficher des statistiques r\u00e9seau. L&rsquo;option -v (&#8211;verbose) associ\u00e9e \u00e0 &#8211;list (-L) permet d&rsquo;afficher les compteurs de paquets et d&rsquo;octets. Les stats r\u00e9seau sont disponibles pour chacune des r\u00e8gles iptables. En voici un exemple appliqu\u00e9 \u00e0 la cha\u00eene INPUT:<br>&nbsp;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"bash\" class=\"language-bash\">[stats@serveur_linux]$ sudo iptables -nvL INPUT\nChain INPUT (policy DROP 74941 packets, 7900K bytes)\n<strong> pkts bytes<\/strong> target prot opt in out source    destination\n<strong>1392K  543M<\/strong> ACCEPT all  --  lo *   0.0.0.0\/0 0.0.0.0\/0\n<strong>1179K  680M<\/strong> ACCEPT all  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state RELATED,ESTABLISHED\n<strong>   10   524<\/strong> ACCEPT tcp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state NEW tcp dpt:22\n<strong>   25  1200<\/strong> ACCEPT tcp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state NEW tcp dpt:21\n<strong> 5372  260K<\/strong> ACCEPT tcp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state NEW tcp dpt:80\n<strong> 5842  280K<\/strong> ACCEPT tcp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state NEW tcp dpt:3306 \/* Mysql *\/\n<strong>   97  4536<\/strong> ACCEPT tcp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state NEW tcp dpt:9999 \/* APP *\/\n<strong>    0     0<\/strong> ACCEPT udp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   udp dpt:69 \/* TFTP *\/\n<strong>    0     0<\/strong> ACCEPT udp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   udp dpt:161 \/* SNMP requests *\/\n<strong>   73  4380<\/strong> ACCEPT icmp --  *  *   0.0.0.0\/0 0.0.0.0\/0   icmp type 8\n<\/code><\/pre>\n\n\n\n<p>&nbsp;<br>Dans cet exemple, la r\u00e8gle avec l&rsquo;\u00e9tat RELATED et ESTABLISHED pourrait \u00eatre d\u00e9multipli\u00e9e par port pour obtenir des chiffres plus pr\u00e9cis.<br><br>Ce n&rsquo;est pas la peine de red\u00e9marrer le service iptables pour remettre les compteurs de paquets et de bytes \u00e0 z\u00e9ro, l&rsquo;option -Z ou &#8211;zero est l\u00e0 pour s&rsquo;en charger:<br>&nbsp;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"bash\" class=\"language-bash\">[stats@serveur_linux]$ sudo iptables -Z INPUT\n[stats@serveur_linux]$ sudo iptables -nvL INPUT\nChain INPUT (policy DROP 74945 packets, 7901K bytes)\n<strong> pkts bytes<\/strong> target prot opt in out source    destination\n<strong>    0     0<\/strong> ACCEPT all  --  lo *   0.0.0.0\/0 0.0.0.0\/0\n<strong>    7   436<\/strong> ACCEPT all  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state RELATED,ESTABLISHED\n<strong>    0     0<\/strong> ACCEPT tcp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state NEW tcp dpt:22\n<strong>    0     0<\/strong> ACCEPT tcp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state NEW tcp dpt:21\n<strong>    0     0<\/strong> ACCEPT tcp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state NEW tcp dpt:80\n<strong>    0     0<\/strong> ACCEPT tcp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state NEW tcp dpt:3306 \/* Mysql *\/\n<strong>    0     0<\/strong> ACCEPT tcp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   state NEW tcp dpt:9999 \/* APP *\/\n<strong>    0     0<\/strong> ACCEPT udp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   udp dpt:69 \/* TFTP *\/\n<strong>    0     0<\/strong> ACCEPT udp  --  *  *   0.0.0.0\/0 0.0.0.0\/0   udp dpt:161 \/* SNMP requests *\/\n<strong>    0     0<\/strong> ACCEPT icmp --  *  *   0.0.0.0\/0 0.0.0.0\/0   icmp type 8<\/code><\/pre>\n\n\n\n<p>&nbsp;<br>En plus de faire son travail de firewall et, m\u00eame si vous ne vous en servez pas pour filtrer, iptables peut aider \u00e0 identifier plus pr\u00e9cis\u00e9ment la source du trafic r\u00e9seau ou simplement fournir des statistiques r\u00e9seau sur ce qui entre et sort des serveurs.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Comme tout bon firewall, iptables est aussi capable d&rsquo;afficher des statistiques r\u00e9seau. L&rsquo;option -v (&#8211;verbose) associ\u00e9e \u00e0 &#8211;list (-L) permet d&rsquo;afficher les compteurs de paquets et d&rsquo;octets. Les stats r\u00e9seau sont disponibles pour chacune des r\u00e8gles iptables. En voici un exemple appliqu\u00e9 \u00e0 la cha\u00eene INPUT:&nbsp; &nbsp;Dans cet exemple, la r\u00e8gle avec l&rsquo;\u00e9tat RELATED et [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false},"categories":[10],"tags":[324,325,407,107],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.13 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Netexpertise - Afficher les Stats R\u00e9seau sur Linux avec IPtables<\/title>\n<meta name=\"description\" content=\"Affichez les statistiques des applications et ports r\u00e9seau avec le firewall IPTables sur Linux\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Netexpertise - Afficher les Stats R\u00e9seau sur Linux avec IPtables\" \/>\n<meta property=\"og:description\" content=\"Affichez les statistiques des applications et ports r\u00e9seau avec le firewall IPTables sur Linux\" \/>\n<meta property=\"og:url\" content=\"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html\" \/>\n<meta property=\"og:site_name\" content=\"Netexpertise\" \/>\n<meta property=\"article:published_time\" content=\"2010-02-09T09:55:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-11T20:31:57+00:00\" \/>\n<meta name=\"author\" content=\"dave\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@netexpertise\" \/>\n<meta name=\"twitter:site\" content=\"@netexpertise\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html\",\"url\":\"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html\",\"name\":\"Netexpertise - Afficher les Stats R\u00e9seau sur Linux avec IPtables\",\"isPartOf\":{\"@id\":\"https:\/\/www.netexpertise.eu\/fr\/#website\"},\"datePublished\":\"2010-02-09T09:55:19+00:00\",\"dateModified\":\"2021-10-11T20:31:57+00:00\",\"author\":{\"@id\":\"https:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/e398f0307e2b167f6b884c4953be2632\"},\"description\":\"Affichez les statistiques des applications et ports r\u00e9seau avec le firewall IPTables sur Linux\",\"breadcrumb\":{\"@id\":\"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.netexpertise.eu\/fr\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Afficher les Stats R\u00e9seau sur Linux avec IPtables\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.netexpertise.eu\/fr\/#website\",\"url\":\"https:\/\/www.netexpertise.eu\/fr\/\",\"name\":\"Netexpertise\",\"description\":\"Syst\u00e8mes \/ R\u00e9seaux \/ DevOps\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.netexpertise.eu\/fr\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/e398f0307e2b167f6b884c4953be2632\",\"name\":\"dave\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/image\/\",\"url\":\"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g\",\"contentUrl\":\"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g\",\"caption\":\"dave\"},\"sameAs\":[\"http:\/\/www.netexpertise.eu\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Netexpertise - Afficher les Stats R\u00e9seau sur Linux avec IPtables","description":"Affichez les statistiques des applications et ports r\u00e9seau avec le firewall IPTables sur Linux","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html","og_locale":"fr_FR","og_type":"article","og_title":"Netexpertise - Afficher les Stats R\u00e9seau sur Linux avec IPtables","og_description":"Affichez les statistiques des applications et ports r\u00e9seau avec le firewall IPTables sur Linux","og_url":"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html","og_site_name":"Netexpertise","article_published_time":"2010-02-09T09:55:19+00:00","article_modified_time":"2021-10-11T20:31:57+00:00","author":"dave","twitter_card":"summary_large_image","twitter_creator":"@netexpertise","twitter_site":"@netexpertise","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html","url":"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html","name":"Netexpertise - Afficher les Stats R\u00e9seau sur Linux avec IPtables","isPartOf":{"@id":"https:\/\/www.netexpertise.eu\/fr\/#website"},"datePublished":"2010-02-09T09:55:19+00:00","dateModified":"2021-10-11T20:31:57+00:00","author":{"@id":"https:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/e398f0307e2b167f6b884c4953be2632"},"description":"Affichez les statistiques des applications et ports r\u00e9seau avec le firewall IPTables sur Linux","breadcrumb":{"@id":"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/stats-reseau-avec-iptables.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.netexpertise.eu\/fr"},{"@type":"ListItem","position":2,"name":"Afficher les Stats R\u00e9seau sur Linux avec IPtables"}]},{"@type":"WebSite","@id":"https:\/\/www.netexpertise.eu\/fr\/#website","url":"https:\/\/www.netexpertise.eu\/fr\/","name":"Netexpertise","description":"Syst\u00e8mes \/ R\u00e9seaux \/ DevOps","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.netexpertise.eu\/fr\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"fr-FR"},{"@type":"Person","@id":"https:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/e398f0307e2b167f6b884c4953be2632","name":"dave","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/image\/","url":"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g","contentUrl":"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g","caption":"dave"},"sameAs":["http:\/\/www.netexpertise.eu"]}]}},"_links":{"self":[{"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/posts\/478"}],"collection":[{"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/comments?post=478"}],"version-history":[{"count":0,"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/posts\/478\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/media?parent=478"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/categories?post=478"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/tags?post=478"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}