aldric
asked on
Stats on a Network ?
Hi,
I work with Red Hat 5.2. and a router to go to the Internet.
This computer is used by some of my customers to access to internet. They pass through the "linux firewall" and we change they network range (NAT) . One of them asked us, if we can provide some statistiques about their connexions
(date, time ...) but i don't know if it's possible ?
Any ideas are welcome.
I work with Red Hat 5.2. and a router to go to the Internet.
This computer is used by some of my customers to access to internet. They pass through the "linux firewall" and we change they network range (NAT) . One of them asked us, if we can provide some statistiques about their connexions
(date, time ...) but i don't know if it's possible ?
Any ideas are welcome.
How about enabling IP_ACCOUNTING in the kernel,
or using a script and parse the messages log file?
or using a script and parse the messages log file?
ASKER
Hi Ahoffmann,
How can I know if IP_ACCOUNTING is enabled plz?
How can I know if IP_ACCOUNTING is enabled plz?
currently no linux handy, soory.
But check in /proc if you have something which matches.
Or check the -A option in the ipfwadm man-page.
But check in /proc if you have something which matches.
Or check the -A option in the ipfwadm man-page.
Hi,
run tcpdump to collect the data about the network traffic and then you can analyse them by simple Perl scripts to provide some statistics.
Hope this helps
Radovan
run tcpdump to collect the data about the network traffic and then you can analyse them by simple Perl scripts to provide some statistics.
Hope this helps
Radovan
ASKER
Radovan,
You're right,tcpdump collect interesting data, but I've to
collect data during a complete week for exemple, and tcpdump provides too much stats. I'll crash my disk in a really short time.
Thanks anyway.
You're right,tcpdump collect interesting data, but I've to
collect data during a complete week for exemple, and tcpdump provides too much stats. I'll crash my disk in a really short time.
Thanks anyway.
Hi,
you can customize the tcpdump's output (by command line parameters) and redirect it directly through a pipe to your Perl script so you get only the relevant info at the end of the day.
Radovan
you can customize the tcpdump's output (by command line parameters) and redirect it directly through a pipe to your Perl script so you get only the relevant info at the end of the day.
Radovan
ASKER
Adjusted points to 200
ASKER
Radovan,
Could you give me more info please about the command line parameters :=) ? or an exemple ??
Let me know,
Aldric.
Could you give me more info please about the command line parameters :=) ? or an exemple ??
Let me know,
Aldric.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you are using a filtering firewall then your logging & subsequent stats are limited. However, if you are using proxy software to manage the firewall gateways, then the world is your oyster! Seriously, if your proxies are writing to log files anywhere, you just need to extract the relevant user information from them, which will be easy. Checkout Analog.
ASKER
Sorry for the delay, I wasn't near an internet computer these latest weeks. Thanks.
ASKER