Gateway Monitoring
Community Support question - to convert into a paid question, click here
Lines in bold below have not yet been seen by the customer - those in blue are from the customer
| Username : Date : Action : Comments [ close all ] |
|
|
|
edrich1 : 06/11/02 11:18 AM : Incident created |
|
- Hi ya
Wondering if someone can help with me delima. I have set up a linux box for a company as a gateway-server. But now the boss wants to know which person in the company sends how much data over the connection. Or he wants to know how much time every user spends on the net.
The data that the users send must preferable monitor the amount of mb that the user downloads. I am using IP-Chains for the gateway. Is there any way that I can set something up to monitor this.
Thanx
Edd
|
|
|
|
jimdunn_6089 : 06/11/02 12:15 PM : Reply received |
|
- Hello Edd
You can use ip accounting with ipchains - but it will create complex logs which are difficult to interpret.
In your position I'd probably set up squid on the gateway as a proxy server.
squid is included with your distribution.
Here's a link to the squid documentation:
http://squid-docs.sourceforge.net/latest/html/
You can also set squid up so that it is a "transparent" proxy, which means the users will not even know they are being routed via squid - and you won't have to configure proxy settings on the client. I have this setup on a network of 50 win pcs browsing through a linux gateway and it's smooth as silk...
Here's a link to details of transparent proxying:
http://squid-docs.sourceforge.net/latest/html/c2653.html
And finally, the whole point of the exercise for you was logging information, so here's a link to some ways of analysing squid data:
http://www.squid-cache.org/Scripts/
Now, I know you may take one look at all this and say "way too hard" but it isn't - squid sets itself up pretty well just by installing with defaults, you just need to tweak a couple of things afterwards - and if you go for the transparency option (which I strongly recommend) you'll have no client settings to alter.
And as you can see from the analysis page I linked you to - the payoff is huge :-)
I really recommend this method above all others (unless you find, (and probably pay for) a third party solution)
Good luck
Jim
Hope that helps...
If it solves your problem, please don't forget to close the incident :)
|
|
|
|
edrich1 : 06/11/02 12:40 PM : More info provided |
|
- Hi
Ok thanx for your speedy reply, ok I have set up a proxy in squid for this company aswell.
But the thing is some of their micro$oft clients run apps that don't go throught the
proxy, it must run throught the gateway. No what will happen with the transparent
proxy do I just set the clients up to route throught the default gateway and
linux will do the magic of sending it throught the proxy server.
|
|
|
|
jimdunn_6089 : 06/11/02 01:24 PM : Reply received |
|
- Well the answer to your question is yes and no !
You will still be able to use these other apps as you do now - they won't be routed through the proxy, transparent or not.
However, that means squid won't log them either :-(
If you want to log them you'll have to look at ip accounting
Here are some links for you to look at:
http://www.flounder.net/ipchains/ipchains-howto.html#6
http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/accounting.html
http://www2.empnet.com/ipacct/
http://ipaudit.sourceforge.net/
http://ipaudit.sourceforge.net/ipaudit-web/
http://www2.auckland.ac.nz/net/NeTraMet/
I hope some of those are useful to you :-)
|
|
|
|
stregone : 06/11/02 05:31 PM : Reply received |
|
- A non-technical tip. What your boss wants it's not perfectly legal in all countries.
Try to have an opinion from some lawyer....
|
|
|
|
edrich1 : 07/11/02 02:25 PM : Incident closed |
|
-
|
|
|
|
Language
Search Mandriva Expert
|
