Re: Traffic monitoring/logging question
mm nice scheme. Did you wrote an RFC or ?? (uppercase must, can ;)
The key is to the be able to account the traffic which is a miss in
squid and this, on a per client basis. Squid have a mib which
give you such stats, this is good. I developed an addon to this
mib to get a per subnet stats, if you 're interested, i can send you
the patch. So, you can use iptables accounting: using the right
setup should be easy. The only tricky part is for ftp, irc etc..
traffic: you need to use the new --helper feature of iptables which
match any traffic that use the ipconntrack helper moduler XXX.
Aggregating all these information will give you the numbers you want.
For stocking and reporting, you can use mrtg or cricket or a script
and RRDtool or logtrend which is pretty nice but still very poor
snmp wise.
Hope that help,
JeF
On Wed, Feb 27, 2002 at 04:41:36PM +0100, Auke Rensen wrote:
> For our company's shared internet connection, I'm looking for a utility to
> monitor and log the generated traffic over the internet connection.
> As you can see there are two LAN's connected to a firewall/proxy server.
> The firewall uses IPTables, DNAT and SNAT.
>
> ------------------------------------------------------------------------
>
>
> Situation sketch
>
> ----------
> | Internet |
> ----------
> |
> _|
> /
> | <= eth0
> _|____
> |______| ---------------------------
> |______| <= | Debian GNU/Linux Firewall |
> | | <= | Release: Unstable |
> | | <= | Kernel: 2.4.16 |
> |+ === | <= | Proxy: Squid |
> | | ---------------------------
> | ---- |
> | ---- |
> |______|
> eth1 => | | <= eth2
> | |
> | |______
> | |
> | |
> |-------|-------| |
> LAN1 |
> |
> |-------|-------|
> LAN2
>
> ------------------------------------------------------------------------
>
>
> What I'm looking for is a application (or a combination of multiple) witch
> can build some usage reports.
> We need this information to share the bill of the internet connection
> fairly.
> I'd like to be able to create daily, weekly, monthly and yearly reports.
> What I'd like to know is if someone knows a utility witch is at least
> capable of giving the following statistics:
>
> Traffic from:
> -------------
> - LAN1 <=> internet, in bytes.
> - LAN2 <=> internet, in bytes.
> - LAN1 <=> LAN2, in bytes.
> - Total amount of traffic from all LAN's <=> Internet.
>
> Reports:
> --------
> I'd prefer the reports in some kind of graphical way, but plain text would
> also be fine.
> I need to get "per host statistics", to compare them to the total amount of
> traffic
>
> Note:
> -----
> The clients on both LAN's use the firewall as proxy server (...)
> This traffic MUST also be included in the statistics.
>
>
> I know this all CAN be done, but I don't know where to start.
> Can anybody help me?
>
>
> Thanks in advance,
>
>
>
> A.M. (Auke) Rensen
>
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
--
-> Jean-Francois Dive
--> jef@linuxbe.org
Reply to: