From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Sun, 4 Dec 2005 17:47:49 +0200 From: Michael Shigorin To: ALT Linux Community Message-ID: <20051204154749.GC6070@osdn.org.ua> Mail-Followup-To: ALT Linux Community , abulava@altlinux.org References: <001301c5f7e8$48b7de10$0102a8c0@PegasTour.local> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="/TUrtqMIkCP4YtJm" Content-Disposition: inline In-Reply-To: <001301c5f7e8$48b7de10$0102a8c0@PegasTour.local> User-Agent: Mutt/1.4.2.1i Cc: abulava@altlinux.org Subject: [Comm] mrtg iptables script (was: =?koi8-r?b?yM/e1SDazsHU2CDe1M8g1NfP?= =?koi8-r?b?0snU09Eg0yDLwc7BzMHNySDT19HaySk=?= X-BeenThere: community@lists.altlinux.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: shigorin@gmail.com, ALT Linux Community List-Id: ALT Linux Community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Dec 2005 15:47:50 -0000 Archived-At: List-Archive: List-Post: --/TUrtqMIkCP4YtJm Content-Type: multipart/mixed; boundary="HVCoas+krw6dou6l" Content-Disposition: inline --HVCoas+krw6dou6l Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Dec 03, 2005 at 02:02:27PM +0500, PEGAS TOUR - DMITRIY wrote: > =D0=CF=CC=D8=DA=D5=C0=D3=D8 ifconfig, mailq, route =3D) =C8=CF=D4=C5=CC= =CF=D3=D8 =C2=D9 =D7=C9=C4=C5=D4=D8 =DA=C1=C7=D2=D5=DA=CB=D5 > =CB=C1=CE=C1=CC=CF=D7 - =CD=CF=D6=CE=CF =CE=C5 =D7 =D2=C5=C1=CC=D8=CE=CF= =CD =D7=D2=C5=CD=C5=CE=C9. (=CC=C0=C2=CC=C0 =D7=D3=D1=CB=C9=C5 =C7=D2=C1=C6= =C9=CB=C9 =3D) > =D3=D4=C1=D4=C9=D3=D4=C9=CB=D5 =D0=CF =D4=CF=CD=D5 =CB=D4=CF =CB=D5=C4=C1= =C9 =DE=D4=CF. =EB =CB=C1=CB=C9=CD =D0=D2=CF=C7=D2=C1=CD=CD=CE=D9=CD > =D0=D2=CF=C4=D5=CB=D4=C1=CD =CF=C2=D2=C1=D4=C9=D4=D8=D3=D1? mrtg -- =C7=D2=C1=C6=C9=CB=C9, iftop, ifstat, ntop, dstat -- =D7 =D2=C5=C1= =CC=D8=CE=CF=CD =D7=D2=C5=CD=C5=CE=C9. =E4=CC=D1 mrtg =D0=CF=D4=D2=C5=C2=D5=C5=D4=D3=D1 =CE=C1=D2=C9=D3=CF=D7=C1= =D4=D8 =C9 =D0=CF=C4=C3=C5=D0=C9=D4=D8 (=CE=C1=D0=D2=C9=CD=C5=D2, =DE=C5=D2= =C5=DA iptables) =D3=C5=CE=D3=CF=D2, =CE=D5 =C9=CC=C9 =D0=CF=C4=CE=C9=CD=C1=D4=D8 = =CC=CF=CB=C1=CC=D8=CE=D9=CA snmpd =C9 =D3=CE=C9=CD=C1=D4=D8=20 =D0=CF =C9=CE=D4=C5=D2=C6=C5=CA=D3=C1=CD (=CB=C1=CB =D0=CF =CD=CE=C5 -- =CF= =D7=C5=D2=CB=C9=CC=CC). =E3=C5=D0=CC=D1=C0 =D2=C1=C2=CF=D4=C1=C0=DD=C9=CA =D7=C1=D2=C9=C1=CE=D4 =D3= =C5=CE=D3=CF=D2=C1 =C4=CC=D1 iptables, =D4=CF=CC=D8=CB=CF =D3=CD=CF=D4=D2= =C5=D4=D8 =D7 =CE=C5=C7=CF =C7=CC=C1=DA=C1=CD=C9 =D0=D2=C9 =D3=CF=DA=C4=C1=CE=C9=C9 = =D3=DE=A3=D4=CE=D9=C8 =C3=C5=D0=CF=DE=C5=CB =D7 iptables (=C9=CC=C9 =D0=CF=C4=C7=CF=CE=CB=C5 =D0=CF=C4 =D3=D5=DD=C5=D3=D4=D7=D5=C0=DD=C9=C5) = =D0=D2=C1=CB=D4=C9=DE=C5=D3=CB=C9 =C7=C1=D2=C1=CE=D4=C9=D2=CF=D7=C1=CE=CE= =CF =D0=D2=C9=C4=A3=D4=D3=D1; =D7=D0=D2=CF=DE=C5=CD, =DC=D4=CF =CE=C5 =D3=D4=D2=C1=DB=CE=CF. =FA=C1=D4= =CF =C7=C9=C2=CB=CF =D7=D9=C8=CF=C4=C9=D4. 2 abulava: =D1 =D7=D3=A3 =D2=C1=D3=CB=C1=DE=C9=D7=C1=CC=D3=D1 =DC=D4=CF=C7= =CF =D0=CF=D4=CF=CD=CB=C1 =CF=C4=CE=CF=CA =C9=DA =C4=D7=D5=C8 =D3=CE=C9=CD=C1=CC=CF=CB =D3 iptables =C9=DA mrtg contrib/ =D7 =D0=C1=CB=C5= =D4 =C4=CF=C2=C1=D7=C9=D4=D8... =D3=C4=C5=CC=C1=C5=DB=D8? :) --=20 ---- WBR, Michael Shigorin ------ Linux.Kiev http://www.linux.kiev.ua/ --HVCoas+krw6dou6l Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="mrtg-traffic-internal.pl" #!/usr/bin/perl # iptables-accounting .9 # # Author: Vern Gill # Date: March 9, 2001 # # Adapted from code used in ipchainacc # # ipchainacc 1.1.0 # # Author: John Lange john@darkcore.net # Date : September 12, 2000 # # # The command takes one argument: # Argument: what filter do you want to view # I.E. iptables-accounting filter # iptables-accounting nat # # Also, you can check bytes or packets. Check the $bytec below # and the text above it for details # # This command must return 4 lines of output: # Line 1 : current state of the 'incoming bytes counter' # Line 2 : current state of the 'outgoing bytes counter' # Line 3 : string, telling the uptime of the target. # Line 4 : string, telling the name of the target. # # To add more counters, just edit the commented out if lines # below. For instance, to count the filter table and the # INPUT chain, just change the elsif to filter, and the # $inrule to INPUT # Share and enjoy # edit for your system $iptables='/sbin/iptables'; # path to iptables #$host=`/bin/hostname --fqdn`; # local hostname (for information only) $table = $ARGV[0]; if ( $table =~ /^filter/i ) { $inrule='FORWARD'; $outrule='OUTPUT'; } elsif ( $table =~ /^nat/i ) { $inrule='PREROUTING'; $outrule='POSTROUTING'; } elsif ( $table =~ /^mangle/i ) { $inrule='PREROUTING'; $outrule='OUTPUT'; #} elsif ( $table =~ /^table-name-here/i ) { # $inrule='CHAIN-NAME-HERE'; # $outrule='OTHER-CHAIN-NAME'; #} elsif ( $table =~ /^table-name-here/i ) { # $inrule='CHAIN-NAME-HERE'; # $outrule='OTHER-CHAIN-NAME'; } # --- now override them $table = 'filter'; $inrule = 'internal-in'; $outrule = 'internal-out'; # What should we graph? packet counters = 4, bytes = 6 # If you used the ipchainacc script before and you want to keep counting # packets, then set this to 4. If you would rather do the # sensible thing and count bytes, then set this to 6. If you change # from one to the other, then you should delete all the previous # history since it will be meaningless. # 0 / 1 $bytec=1; ## -- don't edit below here ---- # fetch the status from iptables $_=`$iptables -t $table -L $inrule -v -n -x | grep RETURN`; @in_bytes = split; $_=`$iptables -t $table -L $outrule -v -n -x | grep RETURN`; @out_bytes = split; # uptime of the machine open(UPTIME,"uptime |"); $upTime=; close(UPTIME); chop $upTime; # example showing users number -- off, of course #$upTime =~ s/^.*up ([0-9 a-z]+),( )+([0-9]+ user(s)?), .*$/\1 (\3)/; $upTime =~ s/^.*up ([0-9:, a-z]+),( )+([0-9]+ user(s)?), .*$/\1/; $host = 'ftp.linux.kiev.ua'; # 4 lines of output only. printf "$in_bytes[$bytec]\n$out_bytes[$bytec]\n$upTime\n$host"; --HVCoas+krw6dou6l-- --/TUrtqMIkCP4YtJm Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFDkw+lbsPDprYMm3IRAsF/AJ9lqTN6KEXIC/xuoVrMjpK9uhIkDQCgmbVB NsVbTrhNUTa7zxRYgw/qqHM= =GWpf -----END PGP SIGNATURE----- --/TUrtqMIkCP4YtJm--