Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Stats on a Network ?

Posted on 1999-07-05
12
Medium Priority
?
193 Views
Last Modified: 2010-03-18
Hi,
I work with Red Hat 5.2. and a router to go to the Internet.
This computer is used by some of my customers to access to internet. They pass through the "linux firewall" and we change they network range (NAT) . One of them asked us, if we can provide some statistiques about their connexions
(date, time ...) but i don't know if it's possible ?
Any ideas are welcome.
0
Comment
Question by:aldric
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 2
  • +1
12 Comments
 

Author Comment

by:aldric
ID: 1585594
Edited text of question.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 1585595
How about enabling IP_ACCOUNTING in the kernel,
or using a script and parse the messages log file?
0
 

Author Comment

by:aldric
ID: 1585596
Hi Ahoffmann,
How can I know if IP_ACCOUNTING is enabled plz?
0
Turn your laptop into a mobile console!

The CV211 Laptop USB Console Adapter provides a direct Laptop-to-Computer connection for fast and easy remote desktop access with no software to install.

 
LVL 51

Expert Comment

by:ahoffmann
ID: 1585597
currently no linux handy, soory.
But check in /proc if you have something which matches.
Or check the -A option in the ipfwadm man-page.
0
 
LVL 1

Expert Comment

by:chytrace
ID: 1585598
Hi,

         run tcpdump to collect the data about the network traffic and then you can analyse them by simple Perl scripts to provide some statistics.

Hope this helps

                     Radovan
0
 

Author Comment

by:aldric
ID: 1585599
Radovan,
You're right,tcpdump collect interesting data, but I've to
collect data during a complete week for exemple, and tcpdump provides too much stats. I'll crash my disk in a really short time.
Thanks anyway.
0
 
LVL 1

Expert Comment

by:chytrace
ID: 1585600
Hi,

         you can customize the tcpdump's output (by command line parameters) and redirect it directly through a pipe to your Perl script so you get only the relevant info at the end of the day.

Radovan
0
 

Author Comment

by:aldric
ID: 1585601
Adjusted points to 200
0
 

Author Comment

by:aldric
ID: 1585602
Radovan,

Could you give me more info please about the command line parameters :=) ? or an exemple ??
Let me know,

Aldric.
0
 
LVL 1

Accepted Solution

by:
chytrace earned 800 total points
ID: 1585603
Hi,
         for example:

tcpdump -l tcp and dst host host.some.net and
                            src net x.x.0.0 mask 255.255.0.0 | eat.pl

where eat.pl is Perl script like for example:

-------------------------- cut here ---------------------------------
#!/usr/bin/perl

while(<STDIN>)
{
 chop;
 ($stamp, $srchost, $srcport, $dsthost, $dstport) =
/^(\d+:\d+:\d+\.\d+)\s(\S+)\.(\S+)\s\>\s(\S+)\.(\S+)/;
 print "$srchost $srcport $dsthost $dstport\n";
}
-------------------------- cut here ---------------------------------

Radovan
0
 
LVL 1

Expert Comment

by:jtg
ID: 1585604
If you are using a filtering firewall then your logging & subsequent stats are limited. However, if you are using proxy software to manage the firewall gateways, then the world is your oyster! Seriously, if your proxies are writing to log files anywhere, you just need to extract the relevant user information from them, which will be easy. Checkout Analog.
0
 

Author Comment

by:aldric
ID: 1585605
Sorry for the delay, I wasn't near an internet computer these latest weeks. Thanks.


0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question