This is just a short post about using the Munin ip_ plugin to monitor traffic to and from particular hosts using iptables.

There are a number of posts that describe how to add the necessary rules to iptables for counting traffic to each host that you're interested in. Unfortunately, they all suggest using rules which are the wrong way around. The correct rules should look like this (to monitor traffic to the host at 192.168.0.1):

-A INPUT -s 192.168.0.1
-A OUTPUT -d 192.168.0.1

All the resources I found quoted the rules above with the INPUT and OUTPUT chains switched, meaning no traffic would ever be recorded.