RE: [SLUG] Bandwidth/packet/netfilter log file analysis tools
I use the ULOG target with Iptables/Netfilter and the ulogd userspace daemon to log traffic to a MySQL database. From there I can run all sorts of scripts to query the database and find relevant statistics. If you dont want to write the scripts yourself, there are ones out there which will query the database and generate reports for you. A couple that come to mind are ulogd-php and webfwlog. Regards, Chris Barnes. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gareth Walters Sent: Monday, 17 November 2003 9:46 AM To: [EMAIL PROTECTED] Subject: [SLUG] Bandwidth/packet/netfilter log file analysis tools G'day all, I am looking for some tools to report on and monitor traffic through my firewall. I was hoping just something to parse the netfilter logs but I am not having much luck finding anything useful. I need to keep a reliable record of bandwidth usage. help me debug connection problems Does any one out there have any recommendations or suggestions? -- ---Gareth Walters System Administrator/IT support Micro Forté -- http://www.microforte.com.au http://www.bigworldtech.com *** This information may contain PRIVILEGED AND CONFIDENTIAL information intended only for the use of the addressee(s). Anyone who receives this communication in error, should notify us immediately and destroy the original message without reading, copying or forwarding it to anyone. *** -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Bandwidth/packet/netfilter log file analysis tools
On Mon, 2003-11-17 at 16:11, Steve Kowalik wrote: > On Mon, Nov 17, 2003 at 03:47:46PM +1100, Chris Deigan wrote: > > mttr or cricket might be of interest, it will give you nice purty graphs > > I think you mean mrtg. MTTR is something very different. :-) Yes, thanks for that. :-) -- Chris [EMAIL PROTECTED] -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Bandwidth/packet/netfilter log file analysis tools
On Mon, Nov 17, 2003 at 03:47:46PM +1100, Chris Deigan wrote: > mttr or cricket might be of interest, it will give you nice purty graphs I think you mean mrtg. MTTR is something very different. :-) -- Steve I've lost my sig! -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Bandwidth/packet/netfilter log file analysis tools
On Mon, 2003-11-17 at 09:46, Gareth Walters wrote: > I need to > keep a reliable record of bandwidth usage. > help me debug connection problems mttr or cricket might be of interest, it will give you nice purty graphs :-D -- Chris [EMAIL PROTECTED] -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Bandwidth/packet/netfilter log file analysis tools
On Mon, Nov 17, 2003 at 09:46:16AM +1100, Gareth Walters wrote: > I need to > keep a reliable record of bandwidth usage. > help me debug connection problems > > Does any one out there have any recommendations or suggestions? I'll second jaq's recommendation of ipac-ng. It is seriously tasty stuff. > *** > This information may contain PRIVILEGED AND CONFIDENTIAL information > intended only for the use of the addressee(s). Anyone who receives this > communication in error, should notify us immediately and destroy the > original message without reading, copying or forwarding it to anyone. > *** http://www.goldmark.org/jeff/stupid-disclaimers In particular, how are we supposed to know whether it's in error without reading it, and how do we notify you of the error without copying (in part) the message in question? - Matt -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Bandwidth/packet/netfilter log file analysis tools
This one time, at band camp, Gareth Walters wrote: >G'day all, >I am looking for some tools to report on and monitor traffic through my >firewall. >I was hoping just something to parse the netfilter logs but I am not >having much >luck finding anything useful. > >I need to >keep a reliable record of bandwidth usage. iptables -L -v will tell you byte and packet counts that matched each rule, so if you have a rule at the top of your chain that matches everything and let it pass, then it'll just count traffic through the interface. ipac-ng sets up its packet counters like this -- [EMAIL PROTECTED] http://spacepants.org/jaq.gpg -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Bandwidth/packet/netfilter log file analysis tools
G'day all, I am looking for some tools to report on and monitor traffic through my firewall. I was hoping just something to parse the netfilter logs but I am not having much luck finding anything useful. I need to keep a reliable record of bandwidth usage. help me debug connection problems Does any one out there have any recommendations or suggestions? -- ---Gareth Walters System Administrator/IT support Micro Forté -- http://www.microforte.com.au http://www.bigworldtech.com *** This information may contain PRIVILEGED AND CONFIDENTIAL information intended only for the use of the addressee(s). Anyone who receives this communication in error, should notify us immediately and destroy the original message without reading, copying or forwarding it to anyone. *** -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug