Example 7

Goal
You are an administrator of your office network. Your PCs have IP addresses, ranging 192.168.3.2-192.168.3.255. The office network is connected to the Internet by a gateway running Microsoft Windows Server 2003 with NAT (192.168.3.1). The gateway runs also proxy server that serves connections from browsers. The proxy server accepts incoming connections on TCP port 3128. Other Internet traffic (e.g. SMTP, POP3 and etc) comes out using NAT. Your goal is to count the Internet-traffic for every PC of the office network. The traffic between the PCs within the office network must not be accounted.

Solution
You should do the following:
- Fill in the Local Address Table (LAT) with a range 192.168.3.1-192.168.3.255
- Create the filters for traffic accounting (one filter per PC). Every filter should contain two rules (the rule for proxy traffic and for NAT traffic).

Filter 1. Internet traffic of PC 192.168.3.2.
N
Rule
Type of IP 
protocol
Source
address
Source
port
Destination
address
Destination
port
Both
directions
Action
for
packet
Additional condition
1 TCP 192.168.3.2 Any 192.168.3.1 3128 Yes Count  
2 Any 192.168.3.2   IP addresses of WAN   Yes Count  
Filter 2. Internet traffic of PC 192.168.3.3.
N
Rule
Type of IP 
protocol
Source
address
Source
port
Destination
address
Destination
port
Both
directions
Action
for
packet
Additional condition
1 TCP 192.168.3.3 Any 192.168.3.1 3128 Yes Count  
2 Any 192.168.3.3   IP addresses of WAN   Yes Count  
Filter 3. Internet traffic of PC 192.168.3.4.
N
Rule
Type of IP 
protocol
Source
address
Source
port
Destination
address
Destination
port
Both
directions
Action
for
packet
Additional condition
1 TCP 192.168.3.4 Any 192.168.3.1 3128 Yes Count  
2 Any 192.168.3.4   IP addresses of WAN   Yes Count  
Filter 4. Internet traffic of PC 192.168.3.5...
Filter 5. Internet traffic of PC 192.168.3.6...

 Note