How do you measure downstream bandwidth per user?

Question

In a Linux-based system (specifically, Ubuntu Server 8.04), how can you measure downstream bandwidth on a per-user basis? Optimally, I would like a method that provides data directly instead of having to run another process and parse its output. I have a technique for measuring per-user upstream bandwidth by setting up one iptables filter per user and checking their counters at regular intervals, but this doesn't seem to be supported for downstream connections, which I assume is because iptables checks packets before they are routed to a process.

[edit 20080916 153434 EST] By "per-user", I mean literal accounts on the system. That is, any account with a real POSIX UID owning actual running processes. So, for Ubuntu Server 8.04, measurements would include values for root, www-data, my own account, etc.

Answer 1

I don't see any obvious way to do this as implemented, but I'd expect it would be something you could do with a custom ip_conntrack module. You'd capture the uid when first creating the conntrack entry, then apply that same uid in both directions.