Solved

Cacti template for IP Aliases

Posted on 2010-09-02
6
1,128 Views
Last Modified: 2013-12-15
I have a RHEL 5 server with Cacti installed. Since this server has multiple IP addresses using IP Aliasing, I need to setup a Cacti template that can monitor each of the IPs for inbound and outbound traffic. I tried using the example document I found here (http://www.roth.lu/cacti-snmp-tut.htm), but it seems to be lacking as it is not clearly written.

Has anyone else tried this type of monitoring? If so, how did you configure Cacti to monitor per IP Alias interface?
0
Comment
Question by:Michael W
  • 3
  • 3
6 Comments
 
LVL 3

Expert Comment

by:gremwell
ID: 33594250
The page you refer to describes how to configure iptables to count number of incoming and outgoing packets per IP alias. Then the author makes this information available via SNMP. Next it use Cacti to fetch the data from SNMP.

Please specify what part you are having difficulties with.
0
 
LVL 29

Author Comment

by:Michael W
ID: 33595870
The iptables porition isn't showing anything. It keeps showing the amount of data being '0'.

Plus, the section labeled "3B. Graph Template" is confusing in its wording. What actually needs to be modified and in what order, etc?

0
 
LVL 3

Accepted Solution

by:
gremwell earned 500 total points
ID: 33596009
The IP tables part seems to work fine for me. I have attached the scripts (iptables_traffic_rules_gen.sh is slightly modified to take care of chain creation).

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_rules_gen.sh

abb@d820:/usr/local/sbin/snmp_ips$ ./iptables_traffic_iplist.sh -g
192.168.1.103
127.0.0.1
172.16.202.1
172.16.180.1
172.16.190.1
172.16.57.1
172.16.58.1
192.168.122.1

abb@d820:/usr/local/sbin/snmp_ips$ ./iptables_traffic_iplist.sh -i
1
2
3
4
5
6
7
8

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh in
13772
0
0
0
0
0
0
0

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh out
21070
0
0
0
0
0
0
0

And, after ping localhost:

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh  in
16582
672
0
0
0
0
0
0

Hope it helps a bit. Can't help you with graph templates though, I don't use cacti myself.
iptables-traffic.zip
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 29

Author Comment

by:Michael W
ID: 33596244
First I did the following:

iptables -N traffic_in
iptables -N traffic_out
iptables -I INPUT 1 -j traffic_in
iptables -I OUTPUT 1 -j traffic_out

Then I tried your scripts. The "iptables_traffic_eval.sh" in nor out doesn't display anything.

Below is the output when I just do 'iptables -vxnL'.


Chain INPUT (policy ACCEPT 1350998 packets, 1824050953 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     244    19151 traffic_in  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 967645 packets, 65040517 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     185    30288 traffic_out  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain traffic_in (1 references)
    pkts      bytes target     prot opt in     out     source               destination

Chain traffic_out (1 references)
    pkts      bytes target     prot opt in     out     source               destination

Open in new window

0
 
LVL 3

Expert Comment

by:gremwell
ID: 33600027
I'm not sure why chain traffic_in and traffic_out chains are empty in your case. Normally they should be populated by iptables_traffic_rules_gen.sh. Are you sure you have executed it? For me the end of the output you have quoted looks like following:
-------------
Chain traffic_in (1 references)
    pkts      bytes target     prot opt in     out     source               destination        
       0        0            all  --  *      !lo     0.0.0.0/0            169.254.6.228      
       0        0            all  --  *      !lo     0.0.0.0/0            127.0.0.1          
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.202.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.180.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.190.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.57.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.58.1        
       0        0            all  --  *      !lo     0.0.0.0/0            192.168.122.1      
      17     2000            all  --  *      !lo     0.0.0.0/0            192.168.1.103      

Chain traffic_out (1 references)
    pkts      bytes target     prot opt in     out     source               destination        
       0        0            all  --  !lo    *       169.254.6.228        0.0.0.0/0          
       0        0            all  --  !lo    *       127.0.0.1            0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.202.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.180.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.190.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.57.1          0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.58.1          0.0.0.0/0          
       0        0            all  --  !lo    *       192.168.122.1        0.0.0.0/0          
      23     1686            all  --  !lo    *       192.168.1.103        0.0.0.0/0          
-------------

Maybe the output of the following commands will give us some clue:

sh -x ./iptables_traffic_iplist.sh -g
sh -x ./iptables_traffic_iplist.sh -i
sudo sh -x ./iptables_traffic_rules_gen.sh
0
 
LVL 29

Author Closing Comment

by:Michael W
ID: 33601709
The modified scripts helped out a lot. It seems I didn't run the initial iptables_traffic_rules_gen.sh script correctly, thus nothing was being produced.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AWS EC2 PHP code is not being executed code shows on the page instead 8 87
How to enable sync between two yum repo? 1 31
awk sed 8 42
winscp where are logs stored 3 35
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question