Michael Worsham
asked on
Cacti template for IP Aliases
I have a RHEL 5 server with Cacti installed. Since this server has multiple IP addresses using IP Aliasing, I need to setup a Cacti template that can monitor each of the IPs for inbound and outbound traffic. I tried using the example document I found here (http://www.roth.lu/cacti-snmp-tut.htm), but it seems to be lacking as it is not clearly written.
Has anyone else tried this type of monitoring? If so, how did you configure Cacti to monitor per IP Alias interface?
Has anyone else tried this type of monitoring? If so, how did you configure Cacti to monitor per IP Alias interface?
ASKER
The iptables porition isn't showing anything. It keeps showing the amount of data being '0'.
Plus, the section labeled "3B. Graph Template" is confusing in its wording. What actually needs to be modified and in what order, etc?
Plus, the section labeled "3B. Graph Template" is confusing in its wording. What actually needs to be modified and in what order, etc?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
First I did the following:
iptables -N traffic_in
iptables -N traffic_out
iptables -I INPUT 1 -j traffic_in
iptables -I OUTPUT 1 -j traffic_out
Then I tried your scripts. The "iptables_traffic_eval.sh" in nor out doesn't display anything.
Below is the output when I just do 'iptables -vxnL'.
iptables -N traffic_in
iptables -N traffic_out
iptables -I INPUT 1 -j traffic_in
iptables -I OUTPUT 1 -j traffic_out
Then I tried your scripts. The "iptables_traffic_eval.sh"
Below is the output when I just do 'iptables -vxnL'.
Chain INPUT (policy ACCEPT 1350998 packets, 1824050953 bytes)
pkts bytes target prot opt in out source destination
244 19151 traffic_in all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 967645 packets, 65040517 bytes)
pkts bytes target prot opt in out source destination
185 30288 traffic_out all -- * * 0.0.0.0/0 0.0.0.0/0
Chain traffic_in (1 references)
pkts bytes target prot opt in out source destination
Chain traffic_out (1 references)
pkts bytes target prot opt in out source destination
I'm not sure why chain traffic_in and traffic_out chains are empty in your case. Normally they should be populated by iptables_traffic_rules_gen .sh. Are you sure you have executed it? For me the end of the output you have quoted looks like following:
-------------
Chain traffic_in (1 references)
pkts bytes target prot opt in out source destination
0 0 all -- * !lo 0.0.0.0/0 169.254.6.228
0 0 all -- * !lo 0.0.0.0/0 127.0.0.1
0 0 all -- * !lo 0.0.0.0/0 172.16.202.1
0 0 all -- * !lo 0.0.0.0/0 172.16.180.1
0 0 all -- * !lo 0.0.0.0/0 172.16.190.1
0 0 all -- * !lo 0.0.0.0/0 172.16.57.1
0 0 all -- * !lo 0.0.0.0/0 172.16.58.1
0 0 all -- * !lo 0.0.0.0/0 192.168.122.1
17 2000 all -- * !lo 0.0.0.0/0 192.168.1.103
Chain traffic_out (1 references)
pkts bytes target prot opt in out source destination
0 0 all -- !lo * 169.254.6.228 0.0.0.0/0
0 0 all -- !lo * 127.0.0.1 0.0.0.0/0
0 0 all -- !lo * 172.16.202.1 0.0.0.0/0
0 0 all -- !lo * 172.16.180.1 0.0.0.0/0
0 0 all -- !lo * 172.16.190.1 0.0.0.0/0
0 0 all -- !lo * 172.16.57.1 0.0.0.0/0
0 0 all -- !lo * 172.16.58.1 0.0.0.0/0
0 0 all -- !lo * 192.168.122.1 0.0.0.0/0
23 1686 all -- !lo * 192.168.1.103 0.0.0.0/0
-------------
Maybe the output of the following commands will give us some clue:
sh -x ./iptables_traffic_iplist. sh -g
sh -x ./iptables_traffic_iplist. sh -i
sudo sh -x ./iptables_traffic_rules_g en.sh
-------------
Chain traffic_in (1 references)
pkts bytes target prot opt in out source destination
0 0 all -- * !lo 0.0.0.0/0 169.254.6.228
0 0 all -- * !lo 0.0.0.0/0 127.0.0.1
0 0 all -- * !lo 0.0.0.0/0 172.16.202.1
0 0 all -- * !lo 0.0.0.0/0 172.16.180.1
0 0 all -- * !lo 0.0.0.0/0 172.16.190.1
0 0 all -- * !lo 0.0.0.0/0 172.16.57.1
0 0 all -- * !lo 0.0.0.0/0 172.16.58.1
0 0 all -- * !lo 0.0.0.0/0 192.168.122.1
17 2000 all -- * !lo 0.0.0.0/0 192.168.1.103
Chain traffic_out (1 references)
pkts bytes target prot opt in out source destination
0 0 all -- !lo * 169.254.6.228 0.0.0.0/0
0 0 all -- !lo * 127.0.0.1 0.0.0.0/0
0 0 all -- !lo * 172.16.202.1 0.0.0.0/0
0 0 all -- !lo * 172.16.180.1 0.0.0.0/0
0 0 all -- !lo * 172.16.190.1 0.0.0.0/0
0 0 all -- !lo * 172.16.57.1 0.0.0.0/0
0 0 all -- !lo * 172.16.58.1 0.0.0.0/0
0 0 all -- !lo * 192.168.122.1 0.0.0.0/0
23 1686 all -- !lo * 192.168.1.103 0.0.0.0/0
-------------
Maybe the output of the following commands will give us some clue:
sh -x ./iptables_traffic_iplist.
sh -x ./iptables_traffic_iplist.
sudo sh -x ./iptables_traffic_rules_g
ASKER
The modified scripts helped out a lot. It seems I didn't run the initial iptables_traffic_rules_gen .sh script correctly, thus nothing was being produced.
Please specify what part you are having difficulties with.