Search code examples
iptablessystemd

How to record net traffic before net closed when to poweroff?

I want to record net traffic everytime on debian8.
Here is my way. 

sudo vim /etc/systemd/system/graphical.target.wants/Ktraffic.service

[Unit]
Description=Record net traffic

[Service]
Type=oneshot
ExecStart=/bin/bash   /etc/init.d/K01trafficLog.sh

[Install]
WantedBy=poweroff.target

sudo vim  /etc/init.d/K011trafficLog.sh
#!/bin/bash
trafficlog="/var/log/traffic.log"
echo  `date "+%Y-%m-%d %H:%M:%S  "` >> $trafficlog
iptables  -v -L INPUT |grep Chain   >> $trafficlog 

systemctl enable ktraffic.service

To check the traffic log file when to reboot.

sudo cat /var/log/traffic.log
2017-02-05 10:49:31Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
2017-02-05 11:40:25Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

no packets number recorded in /var/log/traffic.log.
Network connection was closed before execution of /etc/init.d/K011trafficLog.sh,how to make it execute before network connection colsed?

Which service closed network connection during poweroff?

systemctl |grep net - vim
(standard input):sys-devices-pci0000:00-0000:00:1c.2-0000:03:00.0-net-eth0.device                         loaded active plugged   RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
(standard input):sys-subsystem-net-devices-eth0.device                                                    loaded active plugged   RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
(standard input):netfilter-persistent.service                                                             loaded active exited    netfilter persistent configuration
(standard input):network-online.target                                                                    loaded active active    Network is Online
(standard input):network.target                                                                           loaded active active    Network
vim:sys-devices-pci0000:00-0000:00:1c.2-0000:03:00.0-net-eth0.device                         loaded active plugged   RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
vim:sys-subsystem-net-devices-eth0.device                                                    loaded active plugged   RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
vim:netfilter-persistent.service                                                             loaded active exited    netfilter persistent configuration
vim:network-online.target                                                                    loaded active active    Network is Online
vim:network.target                                                                           loaded active active    Network

Is the network.service to close my network when poweroff?

sudo vim /etc/systemd/system/graphical.target.wants/Ktraffic.service

[Unit]
Description=Record net traffic
Before=networking.service

[Service]
Type=oneshot
ExecStart=/bin/bash   /etc/init.d/K01trafficLog.sh

[Install]
WantedBy=poweroff.target

To reboot to test it, my issue remains.
I set a flag in /var/log/syslog. 

echo  "it is a flag here to get output info of poweroff " | sudo tee -a  /var/log/syslog

To reboot and get syslog as following.

[![enter image description here][1]][1]

Which service result in info Starting Synchronise Hardware Clock to System Clock?

Solution

  • Thank to Ferenc Wágner .

    solution to Execute simple script before shutdown and reboot

    It is right fromat to record network traffic on my eth0.

    [Unit]
Description=Record net traffic
Before=shutdown.target reboot.target halt.target poweroff.target

[Service]
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/bash
ExecStop=/bin/bash   /etc/init.d/K01trafficLog.sh

[Install]
WantedBy=poweroff.target shutdown.target reboot.target halt.target