Commit 421d0851 authored by schlick's avatar schlick

shorewall stats

parent c8498c0f
$Id: ChangeLog,v 1.4 2006/08/15 01:02:03 schlick Exp $
$Id: ChangeLog,v 1.5 2006/08/17 18:12:51 schlick Exp $
2006/08/14 - rrd database creation changed
2006/08/16 - rrd_shorewallstat.pl added
it is now possible to replace iptraf!!
2006/08/14 - rrd database creation changed, number of average, max values in
the rrd-files changed.
2006/08/12 - rrd_privoxy.sh added
......
......@@ -3,7 +3,7 @@
systemgraph - a RRDtool frontend for various system statistics
by Jochen Schlick <j.schlick_at_web.de>
$Id: README,v 1.8 2006/08/10 18:02:02 schlick Exp $
$Id: README,v 1.9 2006/08/17 18:14:06 schlick Exp $
-----------------------------------------------------
......@@ -22,9 +22,16 @@ Required Modules
Note that several Linux distributions already have these modules as RPMs.
optional:
- iptraf (version >=3.0) for detailed network (protocol) statistic
- for detailed network (protocol) statistic:
shorewall(version >2.0, http://www.shorewall.net)
or
iptraf (version >=3.0)
- ntp tools are necessary for creating the ntpdrift statistic
- lm-sensor package for getting the system health statistic. When
your health chip isn't supported feel free to send me the output
of /usr/bin/sensors <sensorname> so that I can integrate your sensor
......@@ -72,13 +79,31 @@ systemgraph is made of some scripts:
this interface then you have to remove the concerning RRD database file too!
- If you want to get a detailed protocol statistic you need to run an instance
of iptraf for every network interface and you need to define the interfaces
for iptraf in your systemgraph.sysconfig file.
If you don't have pgrep you have to start iptraf manually (see /usr/bin/rrd_iptraf.pl
for more details - in my eyes its behaviour is sometimes strange)
- If you want to get a detailed protocol statistic you have from now on
(systemgraph version 0.9) two possibilities:
You can use shorewall or iptraf.
Shorewall is a full featured iptables-based firewall which provides also
a really easy to use interface for protocol accounting/statistic. If you
don't know this tool you should try out. It's one of the best open source
firewall products. http://www.shorewall.net
- When you want to use shorewall you simply have to modify shorewall's
accounting file (/etc/shorewall/accounting) for getting the detailed
protocol statistic. There is an example accounting file for eth0 and
ppp0 which is part of this package. You have to adapt this for other
interfaces by replacing eth0/ppp0 and then insert these lines in your
own /etc/shorewall/accounting file.
- If you prefer to get a detailed protocol statistic by using iptraf instead
you need to run an instance of iptraf for every network interface.
If you don't have pgrep you have to start iptraf manually
(see /usr/bin/rrd_iptraf.pl for more details - in my eyes its behaviour
is sometimes strange)
Finally you need to define the interfaces for shorewall / iptraf in your
systemgraph.sysconfig file.
TODO: iptraf should be replaced by a better tool
......
#
# systemgraph's accounting file for eth0 and ppp0
#
#
# Please see http://shorewall.net/Accounting.html for examples and
# additional information about how to use this file.
#
#####################################################################################
#ACTION CHAIN SOURCE DESTINATION PROTO DEST SOURCE USER/
# PORT(S) PORT(S) GROUP
###################
# eth0 #
###################
inSGeth0_22:COUNT - - eth0 tcp 22
DONE inSGeth0_22
ouSGeth0_22:COUNT - eth0 - tcp 22
DONE ouSGeth0_22
#..............................................................
inSGeth0_25:COUNT - - eth0 tcp 25
DONE inSGeth0_25
ouSGeth0_25:COUNT - eth0 - tcp 25
DONE ouSGeth0_25
#..............................................................
inSGeth0_80:COUNT - - eth0 tcp 80
DONE inSGeth0_80
ouSGeth0_80:COUNT - eth0 - tcp 80
DONE ouSGeth0_80
#..............................................................
inSGeth0_110:COUNT - - eth0 tcp 110
DONE inSGeth0_110
ouSGeth0_110:COUNT - eth0 - tcp 110
DONE ouSGeth0_110
#..............................................................
inSGeth0_119:COUNT - - eth0 tcp 119
DONE inSGeth0_119
ouSGeth0_119:COUNT - eth0 - tcp 119
DONE ouSGeth0_119
#..............................................................
inSGeth0_443:COUNT - - eth0 tcp 443
DONE inSGeth0_443
ouSGeth0_443:COUNT - eth0 - tcp 443
DONE ouSGeth0_443
#..............................................................
#
###################
# ppp0 #
###################
inSGppp0_22:COUNT - - ppp0 tcp 22
DONE inSGppp0_22
ouSGppp0_22:COUNT - ppp0 - tcp 22
DONE ouSGppp0_22
#..............................................................
inSGppp0_25:COUNT - - ppp0 tcp 25
DONE inSGppp0_25
ouSGppp0_25:COUNT - ppp0 - tcp 25
DONE ouSGppp0_25
#..............................................................
inSGppp0_80:COUNT - - ppp0 tcp 80
DONE inSGppp0_80
ouSGppp0_80:COUNT - ppp0 - tcp 80
DONE ouSGppp0_80
#..............................................................
inSGppp0_110:COUNT - - ppp0 tcp 110
DONE inSGppp0_110
ouSGppp0_110:COUNT - ppp0 - tcp 110
DONE ouSGppp0_110
#..............................................................
inSGppp0_119:COUNT - - ppp0 tcp 119
DONE inSGppp0_119
ouSGppp0_119:COUNT - ppp0 - tcp 119
DONE ouSGppp0_119
#..............................................................
inSGppp0_443:COUNT - - ppp0 tcp 443
DONE inSGppp0_443
ouSGppp0_443:COUNT - ppp0 - tcp 443
DONE ouSGppp0_443
#..............................................................
#
......@@ -2,7 +2,7 @@
# rrd_5minute.sh - runs all rrd_xxxx scripts
# which should be started every 5 minutes
#
# $Id: rrd_5minute.sh,v 1.6 2006/08/11 23:02:34 schlick Exp $
# $Id: rrd_5minute.sh,v 1.7 2006/08/17 18:14:26 schlick Exp $
#######################################################################
/usr/bin/rrd_disk.pl
......@@ -12,5 +12,8 @@
source /usr/bin/rrd_privoxy.sh
# needs /usr/sbin/shorewall to run
/usr/bin/rrd_shorewallstats.pl
# needs /usr/bin/iptraf to run
/usr/bin/rrd_iptraf.pl
# $Id: systemgraph.spec,v 1.24 2006/08/15 23:20:12 schlick Exp $
# $Id: systemgraph.spec,v 1.25 2006/08/17 18:15:06 schlick Exp $
Name: systemgraph
Version: 0.8.1
Release: 22.js
Version: 0.9
Release: 23.js
Epoch: 0
Summary: A RRDtool Frontend For Various System Statistics
......@@ -35,16 +35,28 @@ systemgraph is a very simple statistics RRDtool frontend for various
system specific values (loadavg, used memory, processes...)
that produces daily, weekly, monthly and yearly graphs.
- ntp drift (depends on installed ntp)
- network devices, traffic, protocol statistic
- network devices, traffic, protocol statistic, proxy (privoxy) statistic
- disk devices
- open files (needs an installed lsof)
- cpu infos, memory (needs vmstat >=3)
- temperature,fan status .... (needs an installed lm_sensors package...)
If you want to get a detailed protocol statistic you need to run an instance
of iptraf for every network interface and you need to define the interfaces
in your systemgraph.sysconfig file. If you don't have pgrep you have to start
iptraf manually
If you want to get a detailed protocol statistic you have now two
possibilities. You can use shorewall(www.shorewall.net) or iptraf.
- When you want to use shorewall you simply have to modify shorewall's
accounting file (/etc/shorewall/accounting) for getting the detailed
protocol statistic. There is an example accounting file for eth0 and
ppp0 which is part of this package. You have to adapt this for other
interfaces by replacing eth0/ppp0 and then insert these lines in your
own /etc/shorewall/accounting file.
- If you prefer to get the detailed protocol statistic by using iptraf instead
you need to run an instance of iptraf for every network interface.
If you don't have pgrep you have to start iptraf manually
(see /usr/bin/rrd_iptraf.pl for more details - in my eyes its behaviour
is sometimes strange)
Finally you need to define the interfaces for shorewall / iptraf in your
systemgraph.sysconfig file.
It is also possible to define an own time range for the global systemgraph
summary page: systemgraph.cgi?43h --> summary for the last 43 hours
......@@ -81,7 +93,7 @@ install -m 755 rrd_5minute.sh %{buildroot}/%{_bindir}
install -m 755 rrd_health.pl %{buildroot}/%{_bindir}
install -m 755 rrd_iptraf.pl %{buildroot}/%{_bindir}
install -m 755 rrd_shorewall.pl %{buildroot}/%{_bindir}
install -m 755 rrd_shorewall*.pl %{buildroot}/%{_bindir}
......@@ -131,7 +143,7 @@ echo "Note: you have to modify %{_sysconfdir}/sysconfig/%{name}.sysconfig"
#.....................................................................
%files
%defattr(-,root,root,-)
%doc COPYING README ChangeLog iptraf*png
%doc COPYING README ChangeLog iptraf*png accounting
%{_bindir}/rrd_*.pl
%{_bindir}/rrd_*.sh
%{_wwwDir}/%{name}.cgi
......@@ -141,6 +153,12 @@ echo "Note: you have to modify %{_sysconfdir}/sysconfig/%{name}.sysconfig"
#....................................................................
%changelog
* Wed Aug 16 2006 Jochen Schlick <schlick@localhost> 0:0.9-23.js
- shorewall stuff included, so that the user has the chance to get rid
of the iptraf tool. since the iptables based shorewall provides the
same protocol statistic data.
- rrd databases changed, number of average/max values changed
* Sat Aug 12 2006 Jochen Schlick <j.schlick_at_web_de> 0:0.8.1-22.js
- rrd_privoxy.sh added
......
#
# $Id: systemgraph.sysconfig,v 1.11 2006/08/15 23:20:12 schlick Exp $
# $Id: systemgraph.sysconfig,v 1.12 2006/08/17 18:15:44 schlick Exp $
####################################################
# DISKDEVICES: (used by rrd_disk.pl)
####################################################
......@@ -18,6 +18,23 @@
#NETDEV=eth1
#
#####################################################
# SHOREWALL devices (used by rrd_shorewall.pl)
# NOTE:
# 1)Before you want to use shorewall traffic monitor
# for detailed protocol statistic you have to edit
# in your shorewall config directory (/etc/shorewall)
# the accounting file (/etc/shorewall/accounting)
# for the concerning interface. There is an example
# accounting file for eth0 and ppp0 which is part of
# the package.
# 2)After editing the accounting file you have to
# reload/restart shorewall.
#####################################################
#
#SHOREWALL_NETDEV=eth0
#SHOREWALL_NETDEV=ppp0
#
#####################################################
# IPTRAF devices (used by rrd_iptraf.pl)
# NOTE:
# 1)Before you want to use iptraf monitor for detailed
......@@ -37,22 +54,7 @@
#####################################################
#
#IPTRAF_NETDEV=eth0
#IPTRAF_NETDEV=eth1
#
#####################################################
# SHOREWALL devices (used by rrd_shorewall.pl)
# NOTE:
# 1)Before you want to use shorewall traffic monitor
# for detailed protocol statistic you have to edit
# in your shorewall config directory (/etc/shorewall)
# the accounting file (/etc/shorewall/accounting)
# for the concerning interface
# 2)After editing the accounting file you have to
# reload/restart shorewall.
#####################################################
#
#SHOREWALL_NETDEV=eth0
#SHOREWALL_NETDEV=eth1
#IPTRAF_NETDEV=pp0
#
#####################################################
# system health (lm_sensors stuff...
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment