Sometimes you need to monitor your network in a more exact manner. For
example - traffic generated per station or per service/port. You can easily
achive that functionality combining rrdcollect with iptables.

Let's assume, we need to monitor box named foo with IP address 192.168.0.5.

First, we need to create iptables rules for gathering the requested data.
Put into your firewall script following rules:
iptables -t mangle -A FORWARD -s 192.168.0.5 -j ACCEPT -m comment --comment foo:out
iptables -t mangle -A FORWARD -d 192.168.0.5 -j ACCEPT -m comment --comment foo:in

Please note, that you can change the content of comment parameter. You just need
to remember to tune also rrdcollect.conf configuration.

Next step: creating the RRD archive:
rrdtool create foo.rrd -s 30\
        DS:in:COUNTER:90:U:U\
        DS:out:COUNTER:90:U:U\
        RRA:AVERAGE:0.99:2:60\
        RRA:AVERAGE:0.99:120:72\
        RRA:MAX:0.99:120:72\
        RRA:AVERAGE:0.99:20160:53\
        RRA:MAX:0.99:20160:53

Then put into rrdcollect.conf:
exec:///sbin/iptables -t mangle -L FORWARD -v -x -n
"%*d %d %*s %*s %*s %*s %*s %*s %*s /* foo:out */"  foo.rrd:out
"%*d %d %*s %*s %*s %*s %*s %*s %*s /* foo:in */"   foo.rrd:in

Please note, that you need at least rrdcollect 0.2.8 to have it working
properly.