[linux] MRTG

Ondrej Ivanic ondrej na kmit.sk
Středa Říjen 1 16:54:12 CEST 2003


Ondrej Ivanic wrote:
> Michal Zila wrote:
> 
>> mam router s dvomi sietovkami eth0 a eth1. Snazim sa na nich odmerat
>> traffic pomocou MRTG. Funguje to tak, ze cfg skript vola dalsi skript,
>> ktory meria traffic na danych sietovkach pomocou iptables. Snazim sa
>> merat celkovy traffic, ktory bezi z eth0 na eth1 a opacne (forward). 
>> To sa mi aj
>> dari. Avsak nedari sa mi merat traffic podla jednotlivych MAC adries
>> (meranie prenosu dat jednotlivych uzivatelov).
> 
> Nepouzivam MRTG, ale RRDTool:
> firewall:

Este toto tma musi byt:
#!/bin/sh
IPTABLES="/usr/sbin/iptables -v"

${IPTABLES} -N lan2inet_tcp
${IPTABLES} -N lan2inet_udp
${IPTABLES} -N lan2inet_icmp
${IPTABLES} -N lan2inet_all
${IPTABLES} -N inet2lan_tcp
${IPTABLES} -N inet2lan_udp
${IPTABLES} -N inet2lan_icmp
${IPTABLES} -N inet2lan_all
${IPTABLES} -A FORWARD -p TCP  -o ${ETH_KMIT} -d ! ${IP_KMIT} -j 
lan2inet_tcp
${IPTABLES} -A FORWARD -p UDP  -o ${ETH_KMIT} -d ! ${IP_KMIT} -j 
lan2inet_udp
${IPTABLES} -A FORWARD -p ICMP -o ${ETH_KMIT} -d ! ${IP_KMIT} -j 
lan2inet_icmp
${IPTABLES} -A FORWARD -p ALL  -o ${ETH_KMIT} -d ! ${IP_KMIT} -j 
lan2inet_all
${IPTABLES} -A FORWARD -p TCP  -i ${ETH_KMIT} -s ! ${IP_KMIT} -j 
inet2lan_tcp
${IPTABLES} -A FORWARD -p UDP  -i ${ETH_KMIT} -s ! ${IP_KMIT} -j 
inet2lan_udp
${IPTABLES} -A FORWARD -p ICMP -i ${ETH_KMIT} -s ! ${IP_KMIT} -j 
inet2lan_icmp
${IPTABLES} -A FORWARD -p ALL  -i ${ETH_KMIT} -s ! ${IP_KMIT} -j 
inet2lan_all

-- 
Ondrej Ivanic
(ondrej na kmit.sk)




Další informace o konferenci linux