[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re-post, with additional questions/infomation: Traffic monitoring/logging question

Hi list(eners),

Thanks for the previous suggestions.
Despite this suggestions, we still can't find a suitable solution.

We have looked at NTOP , IPAC and MRTG.
MRTG does not give us the right information in the right for, so this ain't an option.
It seems that both other utils need some in depth knowledge to let them fit our situation. 

Let me try to explain the situation a bit better.

We've got a firewall witch connects multiple LAN's to the internet.
On both LAN's there are public services, witch are accessable from the internet via NAT rules.
We need to track and log all possible traffice and analize it on a daily, weekly and monthly basis, so we can devide te cost of the connection. 

Here are the questions about IPAC and NTOP.

IPAC:
1.) Does IPAC support DNAT, SNAT and forward rules?
2.) Does anyone have /know some documentation on IPAC
3.) Has someone succesfully implemented this in a similar situation?

NTOP:
1.) Does anyone know how to log and store the collected data?
2.) Does anyone know how to insert specific source/destination rules?


I hope someone can help us further.

Anyway, thanks in advance.



A.M. (Auke) Rensen
Senior System Engineer

Ovation B.V.





Original message:
=================
For our company's shared internet connection, I'm looking for a utility to monitor and log the generated traffic over the internet connection. 
As you can see there are two LAN's connected to a firewall/proxy server.
The firewall uses IPTables, DNAT and SNAT.

------------------------------------------------------------------------


          Situation sketch

              ----------
             | Internet |
              ----------
                  |
                 _|
                /
               | <= eth0
              _|____
             |______|     ---------------------------
             |______| <= | Debian GNU/Linux Firewall |
             |      | <= | Release: Unstable         |
             |      | <= | Kernel: 2.4.16            |
             |+ === | <= | Proxy: Squid              |
             |      |     ---------------------------
             | ---- |
             | ---- |
             |______|
      eth1 => |    | <= eth2
              |    |
              |    |______
              |           |
              |           |
      |-------|-------|   |
             LAN1         |
                          |
                  |-------|-------|
                         LAN2

------------------------------------------------------------------------
What I'm looking for is a application (or a combination of multiple) witch can build some usage reports. We need this information to share the bill of the internet connection fairly. 
I'd like to be able to create daily, weekly, monthly and yearly reports.
What I'd like to know is if someone knows a utility witch is at least capable of giving the following statistics: 

Traffic from:
-------------
- LAN1 <=> internet, in bytes.
- LAN2 <=> internet, in bytes.
- LAN1 <=> LAN2, in bytes.
- Total amount of traffic from all LAN's <=> Internet.

Reports:
--------
I'd prefer the reports in some kind of graphical way, but plain text would also be fine. I need to get "per host statistics", to compare them to the total amount of traffic 

Note:
-----
The clients on both LAN's use the firewall as proxy server (...)
This traffic MUST also be included in the statistics.


I know this all CAN be done, but I don't know where to start.
Can anybody help me?


Thanks in advance,



A.M. (Auke) Rensen
Reply to: