1The nfacct match provides the extended accounting infrastructure for iptables. 2You have to use this match together with the standalone user-space utility 3.B nfacct(8) 4.PP 5The only option available for this match is the following: 6.TP 7\fB\-\-nfacct\-name\fP \fIname\fP 8This allows you to specify the existing object name that will be use for 9accounting the traffic that this rule-set is matching. 10.PP 11To use this extension, you have to create an accounting object: 12.IP 13nfacct add http\-traffic 14.PP 15Then, you have to attach it to the accounting object via iptables: 16.IP 17iptables \-I INPUT \-p tcp \-\-sport 80 \-m nfacct \-\-nfacct\-name http\-traffic 18.IP 19iptables \-I OUTPUT \-p tcp \-\-dport 80 \-m nfacct \-\-nfacct\-name http\-traffic 20.PP 21Then, you can check for the amount of traffic that the rules match: 22.IP 23nfacct get http\-traffic 24.IP 25{ pkts = 00000000000000000156, bytes = 00000000000000151786 } = http-traffic; 26.PP 27You can obtain 28.B nfacct(8) 29from http://www.netfilter.org or, alternatively, from the git.netfilter.org 30repository. 31