Example 7

Goal
You are an administrator of your office network. Your PCs have IP addresses, ranging 192.168.3.2-192.168.3.255. The office network is connected to the Internet by a gateway running Microsoft Windows Server 2003 with NAT (192.168.3.1). The gateway runs also proxy server that serves connections from browsers. The proxy server accepts incoming connections on TCP port 3128. Other Internet traffic (e.g. SMTP, POP3 and etc) comes out using NAT. Your goal is to count the Internet-traffic for every PC of the office network. The traffic between the PCs within the office network must not be accounted.

Solution
You should do the following:
- Fill in the Local Address Table (LAT) with a range 192.168.3.1-192.168.3.255
- Create the filters for traffic accounting (one filter per PC). Every filter should contain two rules (the rule for proxy traffic and for NAT traffic).

Filter 1. Internet traffic of PC 192.168.3.2.
N
Rule		 Type of IP 
protocol		 Source
address		 Source
port		 Destination
address		 Destination
port		 Both
directions		 Action
for
packet		 Additional condition
1 TCP 192.168.3.2 Any 192.168.3.1 3128 Yes Count  
2 Any 192.168.3.2   IP addresses of WAN   Yes Count  
Filter 2. Internet traffic of PC 192.168.3.3.
N
Rule		 Type of IP 
protocol		 Source
address		 Source
port		 Destination
address		 Destination
port		 Both
directions		 Action
for
packet		 Additional condition
1 TCP 192.168.3.3 Any 192.168.3.1 3128 Yes Count  
2 Any 192.168.3.3   IP addresses of WAN   Yes Count  
Filter 3. Internet traffic of PC 192.168.3.4.
N
Rule		 Type of IP 
protocol		 Source
address		 Source
port		 Destination
address		 Destination
port		 Both
directions		 Action
for
packet		 Additional condition
1 TCP 192.168.3.4 Any 192.168.3.1 3128 Yes Count  
2 Any 192.168.3.4   IP addresses of WAN   Yes Count  
Filter 4. Internet traffic of PC 192.168.3.5...
Filter 5. Internet traffic of PC 192.168.3.6...

 Note