[linux] MRTG
Ondrej Ivanic
ondrej na kmit.sk
Středa Říjen 1 16:54:12 CEST 2003
Ondrej Ivanic wrote:
> Michal Zila wrote:
>
>> mam router s dvomi sietovkami eth0 a eth1. Snazim sa na nich odmerat
>> traffic pomocou MRTG. Funguje to tak, ze cfg skript vola dalsi skript,
>> ktory meria traffic na danych sietovkach pomocou iptables. Snazim sa
>> merat celkovy traffic, ktory bezi z eth0 na eth1 a opacne (forward).
>> To sa mi aj
>> dari. Avsak nedari sa mi merat traffic podla jednotlivych MAC adries
>> (meranie prenosu dat jednotlivych uzivatelov).
>
> Nepouzivam MRTG, ale RRDTool:
> firewall:
Este toto tma musi byt:
#!/bin/sh
IPTABLES="/usr/sbin/iptables -v"
${IPTABLES} -N lan2inet_tcp
${IPTABLES} -N lan2inet_udp
${IPTABLES} -N lan2inet_icmp
${IPTABLES} -N lan2inet_all
${IPTABLES} -N inet2lan_tcp
${IPTABLES} -N inet2lan_udp
${IPTABLES} -N inet2lan_icmp
${IPTABLES} -N inet2lan_all
${IPTABLES} -A FORWARD -p TCP -o ${ETH_KMIT} -d ! ${IP_KMIT} -j
lan2inet_tcp
${IPTABLES} -A FORWARD -p UDP -o ${ETH_KMIT} -d ! ${IP_KMIT} -j
lan2inet_udp
${IPTABLES} -A FORWARD -p ICMP -o ${ETH_KMIT} -d ! ${IP_KMIT} -j
lan2inet_icmp
${IPTABLES} -A FORWARD -p ALL -o ${ETH_KMIT} -d ! ${IP_KMIT} -j
lan2inet_all
${IPTABLES} -A FORWARD -p TCP -i ${ETH_KMIT} -s ! ${IP_KMIT} -j
inet2lan_tcp
${IPTABLES} -A FORWARD -p UDP -i ${ETH_KMIT} -s ! ${IP_KMIT} -j
inet2lan_udp
${IPTABLES} -A FORWARD -p ICMP -i ${ETH_KMIT} -s ! ${IP_KMIT} -j
inet2lan_icmp
${IPTABLES} -A FORWARD -p ALL -i ${ETH_KMIT} -s ! ${IP_KMIT} -j
inet2lan_all
--
Ondrej Ivanic
(ondrej na kmit.sk)
Další informace o konferenci linux