Stats on a Network ?

Hi,
I work with Red Hat 5.2. and a router to go to the Internet.
This computer is used by some of my customers to access to internet. They pass through the "linux firewall" and we change they network range (NAT) . One of them asked us, if we can provide some statistiques about their connexions
(date, time ...) but i don't know if it's possible ?
Any ideas are welcome.
aldricAsked:
Who is Participating?
 
chytraceConnect With a Mentor Commented:
Hi,
         for example:

tcpdump -l tcp and dst host host.some.net and
                            src net x.x.0.0 mask 255.255.0.0 | eat.pl

where eat.pl is Perl script like for example:

-------------------------- cut here ---------------------------------
#!/usr/bin/perl

while(<STDIN>)
{
 chop;
 ($stamp, $srchost, $srcport, $dsthost, $dstport) =
/^(\d+:\d+:\d+\.\d+)\s(\S+)\.(\S+)\s\>\s(\S+)\.(\S+)/;
 print "$srchost $srcport $dsthost $dstport\n";
}
-------------------------- cut here ---------------------------------

Radovan
0
 
aldricAuthor Commented:
Edited text of question.
0
 
ahoffmannCommented:
How about enabling IP_ACCOUNTING in the kernel,
or using a script and parse the messages log file?
0
Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

 
aldricAuthor Commented:
Hi Ahoffmann,
How can I know if IP_ACCOUNTING is enabled plz?
0
 
ahoffmannCommented:
currently no linux handy, soory.
But check in /proc if you have something which matches.
Or check the -A option in the ipfwadm man-page.
0
 
chytraceCommented:
Hi,

         run tcpdump to collect the data about the network traffic and then you can analyse them by simple Perl scripts to provide some statistics.

Hope this helps

                     Radovan
0
 
aldricAuthor Commented:
Radovan,
You're right,tcpdump collect interesting data, but I've to
collect data during a complete week for exemple, and tcpdump provides too much stats. I'll crash my disk in a really short time.
Thanks anyway.
0
 
chytraceCommented:
Hi,

         you can customize the tcpdump's output (by command line parameters) and redirect it directly through a pipe to your Perl script so you get only the relevant info at the end of the day.

Radovan
0
 
aldricAuthor Commented:
Adjusted points to 200
0
 
aldricAuthor Commented:
Radovan,

Could you give me more info please about the command line parameters :=) ? or an exemple ??
Let me know,

Aldric.
0
 
jtgCommented:
If you are using a filtering firewall then your logging & subsequent stats are limited. However, if you are using proxy software to manage the firewall gateways, then the world is your oyster! Seriously, if your proxies are writing to log files anywhere, you just need to extract the relevant user information from them, which will be easy. Checkout Analog.
0
 
aldricAuthor Commented:
Sorry for the delay, I wasn't near an internet computer these latest weeks. Thanks.


0
All Courses

From novice to tech pro — start learning today.