Hi Miguel,
My experience was that using the 'external script' option to mrtg, in
conjunction with some accounting rules in the iptables rulesets was
another way to go.
Instead of calling mrtg directory from cron, I call a wrapper script
(do_mrtg) that:
1. Retrieves any statistics needed using suid wrappers.
- In my case, iptables output, and smartctl information.
2. Calls mrtg.
Food for thought, at least.
http://www.sr.bham.ac.uk/~mpc/p2/monitor/
Mark
On Mon, 2004-05-24 at 12:54, Miguel A Paraz wrote:
> Hi,
> I need to display MRTG graphs for the request traffic of user groups,
> classified by IP subnet. This is to be integrated into an existing MRTG
> setup.
>
> If I read the docs correctly, SNMP only knows about counters for
> the total web traffic, and can't differentiate based on IP subnets or ACLs.
>
> The obvious way to do it would be to go through the logfile every 5 minutes -
> or the MRTG redraw interval - and look for matching IP's.
> However, this is costly if the logfile is large.
>
> Another possibility is to 'tail' the file and scan the new lines, keeping
> the totals in memory and writing them to files. MRTG will then pick up the
> numbers from the files.
>
> Which of these would you recommend? Any experiences?
> Thanks in advance!
>
--
Mark Cooke <[EMAIL PROTECTED]>
University Of Birmingham
#!/usr/bin/perl
$ACCT = @_;
# Print the 'in' traffic for eth2
open $ACCT, "/home/mrtg/iptables_list";
while (<$ACCT>)
{
next unless s{^Chain INPUT .*$}""g;
while (<$ACCT>)
{
last if $_ =~ /^\n/;
next unless s{^ *[0-9]+ +([0-9]+) E2_I .*$}"$1"g;
print;
}
break;
}
close $ACCT;
# Print the 'out' traffic for eth2
open $ACCT, "/home/mrtg/iptables_list";
while (<$ACCT>)
{
next unless s{^Chain OUTPUT .*$}""g;
while (<$ACCT>)
{
last if $_ =~ /^\n/;
next unless s{^ *[0-9]+ +([0-9]+) E2_O .*$}"$1"g;
print;
}
break;
}
close $ACCT;
print "0\n";
print "Total Traffic Statistics - Bytes\n";
#!/bin/sh
cd /home/mrtg
umask 002
# Read the traffic data in from the (root only) /proc/net/ip_fwchains file
source/fw > iptables_list
# Read the smart stats
source/sd a > sd_list_a
source/sd b > sd_list_b
source/sd c > sd_list_c
source/sd d > sd_list_d
/usr/bin/mrtg /home/mrtg/mrtg.cfg
# Make an archive
cd /var/ftp/pub/graphs
tar cfz /home/mrtg/archives/`date +"%Y-%U"`.tgz *.log
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <errno.h>
int main(int argc, char *argv[])
{
return execl("/sbin/iptables", "/sbin/iptables", "-L", "-v", "-x", NULL);
}
all:
gcc -O2 -o fw fw.c
strip fw
chmod 4555 fw
gcc -O2 -o sd sd.c
strip sd
chmod 4555 sd
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <errno.h>
int main(int argc, char *argv[])
{
char buff[256];
snprintf(buff, 256, "/dev/hd%c", argv[1][0]);
execl("/usr/sbin/smartctl", "/usr/sbin/smartctl", "-a", buff, NULL);
}
