#!/bin/sh
#
# ip accounting, requires iptables/firewall running.
# grabs current counters and resets them after collecting.
#
# output format:
# seconds_since_1970 bytes direction
#

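# Load the firewall settings before any accounting is done.
# NOTE: the file is sourced, so every command in it runs with this script's
# privileges. It should be owned by root and not writable by anyone else.
if ! test -e "/etc/firewall.conf"; then
    # Diagnostics go to stderr so they never mix with regular output.
    echo "Configuration /etc/firewall.conf does not exist!" >&2
    exit 1
fi
. /etc/firewall.conf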

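# Accounting log, appended to on every run. If the file is missing it is
# created with the current umask.
log="/var/log/accounting.log"

# For each accounting chain, append one line per rule in the form
#   seconds_since_1970 bytes direction
# and reset the chain's counters.
for chain in ACC_IN ACC_OUT; do
    # ACC_IN -> IN, ACC_OUT -> OUT
    direction=${chain#ACC_}

    # -L combined with -Z prints the counters and zeroes them in a single
    # iptables invocation. A separate "iptables -Z" afterwards would discard
    # whatever traffic was counted between the listing and the reset, and
    # would run once per rule instead of once per chain.
    if ! listing=$(iptables -L "$chain" -Z -n -v -x); then
        # A failed listing is reported rather than silently skipped, so gaps
        # in the accounting data are visible to whoever runs this job.
        echo "iptables could not list chain $chain; nothing recorded" >&2
        continue
    fi

    now=$(date +%s)

    # Rule lines are the ones whose first field starts with a digit (the
    # packet count); header and status lines are skipped. Field 2 is the
    # byte counter, printed exactly because of -x.
    printf '%s\n' "$listing" |
        awk -v now="$now" -v dir="$direction" \
            '$1 ~ /^[0-9]/ { print now, $2, dir }' >> "$log"
done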