Re: [Shorewall-users] Reporting Analisysing program

[Javier Martínez]

Hí everybody. Have a nice day. I have installed drraw and  it works fine. I have done all the configuration in /etc/shorewall/accounting, i have done the script to get the  rrd that i need and finally  i must insert with a daemon process each minute the data in the rrd files, in this stept is where i have problems. I have followed this script, but it reports me an error. What i do is this: # /sbin/iptables -L vpn1-in -vxn Chain vpn1-in (6 references)     pkts      bytes target     prot opt in     out     source               destination    81172  4220945            all  --  ppp0   *       192.168.1.100        0.0.0.0/0        0        0            all  --  ppp0   *       192.168.1.101        0.0.0.0/0        0        0            all  --  ppp0   *       192.168.1.102        0.0.0.0/0        0        0            all  --  ppp0   *       192.168.1.103        0.0.0.0/0        0        0            all  --  ppp0   *       192.168.1.104        0.0.0.0/0        0        0            all  --  ppp0   *       192.168.1.105        0.0.0.0/0 and i make a cron with this file, that respond me with an error: #sh javier1 ERROR: expected 6 data source readings (got 1) from N: where the content of javier1 is: # more javier1 # /usr/bin/rrdtool update vpn1-in.rrd N:`/sbin/iptables -L vpn1-in -vxn | \    /usr/bin/awk 'BEGIN  { getline ; getline }         { print $2 }' | \  /usr/bin/tr '         ' ':' | /bin/sed -e 's/:$//'` I don´t know what´s the matter, so i would agree you in advance if you can solve me the problem. I think for you is very easy because i am newbie in shell programming as you suppousse. Can you help me? Thanks in advance Simon Hobson wrote: Javier Martínez wrote: Anybody knows some graphic reporting/analysing program for shorewall 4.0.7 or i have to do it by accounting? As Tom says, Shorewall is just a front end to make the low level stuff easier to administer. Here are some scripts I use for traffic logging : First you need to log the traffic, so in 'accounting' I have : # Outside global stats outside-in:COUNT - eth0 - outside-out:COUNT - - eth0 DONE outside # Do acocunting by IP address account-ip - - - total-ip-in:COUNT account-ip eth0 - total-ip-out:COUNT account-ip - eth0 DONE total-ip acc-serv total-serv-in:COUNT acc-serv eth0 - total-serv-out:COUNT acc-serv - eth0 DONE total-serv INCLUDE accounting.ip INCLUDE accounting.service And in accounting.ip I have : acc1-in:COUNT account-ip eth0 195.8.169.1 acc1-out:COUNT account-ip 195.8.169.1 eth0 DONE acc1 acc2-in:COUNT account-ip eth0 195.8.169.2 acc2-out:COUNT account-ip 195.8.169.2 eth0 DONE acc2 (and so on up to 254, yes, we have a whole class C to play with) accounting.service is currently empty Then you need somewhere to put the data, so we have an rrd file created thus : rrdtool create ip-stats.rrd -s 300 \ DS:total-in:DERIVE:600:0:U \ DS:total-out:DERIVE:600:0:U \ \ DS:ip1-in:DERIVE:600:0:U \ DS:ip1-out:DERIVE:600:0:U \ DS:ip2-in:DERIVE:600:0:U \ DS:ip2-out:DERIVE:600:0:U \ ... DS:ip254-in:DERIVE:600:0:U \ DS:ip254-out:DERIVE:600:0:U \ \ RRA:AVERAGE:0.5:1:576 \ RRA:MAX:0.5:1:576 \ RRA:AVERAGE:0.5:6:672 \ RRA:MAX:0.5:6:672 \ RRA:AVERAGE:0.5:24:732 \ RRA:MAX:0.5:24:732 \ RRA:AVERAGE:0.5:288:730 \ RRA:MAX:0.5:288:730 # CFs for : # 1 x 576 48hrx 5m # 6 x 672 14d x 1/2hr # 24 x 732 61d x 2hr # 288 x 730 730d x 12hr Then you need to get the data out of the kernel tables, I run this cron job once a minute : /usr/bin/rrdtool update ip-stats.rrd N:`/sbin/iptables -L account-ip -vxn | \ /usr/bin/awk 'BEGIN { getline ; getline } { print $2 }' | \ /usr/bin/tr ' ' ':' | /bin/sed -e 's/:$//'` The only step left then is to draw some graphs. The scripts I have for that are, well 'a bit ragged' and also too big to post here. Hopefully that should give you some ideas of what is possible - 'man' is your friend in working out what each bit of the script does, and the online documentation for shorewall will cover that side. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users -- Javier Martínez Director General Sip2000 Sistemas Luis Morondo Urra 11 Bajo 31006 Pamplona Navarra http://www.sip2000.es Advertencia: Esta comunicación está destinada a la persona a quién se dirige y puede contener información confidencial o sometida a secreto profesional. Su interceptación, utilización, alteración, reproducción, difusión, cesión a terceros y / o uso de su contenido puede constituir un delito. Si Vd. no es el destinatario de este mensaje, por favor, destrúyalo o devuélvalo al remitente. En cumplimiento de la Ley Orgánica 15/1999 de 13 de diciembre, de protección de datos de carácter personal, se le informa que la dirección de correo electrónico por usted facilitada va a ser incorporada a un fichero automatizado denominado AGENDAS DE CORREO cuyo responsable es SIP2000 SISTEMAS. La recogida de estos datos tiene por finalidad posibilitar la gestión económico-administrativa y comercial de la empresa. La información facilitada por usted tiene como único destinatario a la empresa responsable de los datos SIP2000 SISTEMAS. En todo caso, usted puede en cualquier momento ejercitar los derechos de acceso, rectificación, cancelación y oposición dirigiéndose por escrito al encargado de los derechos de los afectados de SIP2000 SISTEMAS en C/ Luis Morondo, 11 Bajo. 31006 - Pamplona (Navarra).

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users