shitbox:netflow_mrtg

aptitude install softflowd

vim /etc/default/softflowd

INTERFACE="eth1"
OPTIONS="-n 127.0.0.1:9995"

/etc/init.d/softflowd start

aptitude install flow-tools

vim /etc/flow-tools/flow-capture.conf

-w /var/flow -n 1000 -N 3 127.0.0.1/127.0.0.1/9995

/etc/init.d/flow-capture restart

vim /etc/flow-tools/cfg/filter.cfg

filter-primitive iamit-range
  type ip-address-prefix
  permit 192.168.0.0/24
  default deny

filter-definition iamit-out
  match src-ip-addr iamit-range

filter-definition iamit-in
  match dst-ip-addr iamit-range

cat /etc/mrtg/collect.sh

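#!/bin/sh
# Snapshot per-host byte totals from the flow-capture archive for MRTG.
#
# Reads the ft* files under /var/flow/YYYY/YYYY-MM/YYYY-MM-DD/ for the day
# that contained "5 minutes ago", filters them with the iamit-in / iamit-out
# definitions from filter.cfg, and publishes the flow-stat reports as
#   /tmp/flow-in.latest   (flow-stat -f 8)
#   /tmp/flow-out.latest  (flow-stat -f 9)
#
# Security note: the published names are fixed paths in a world-writable
# directory. Redirecting straight into them would follow a symlink planted
# there by any local user, so each report is written to a private mktemp
# file and then renamed over the final name. The rename also means a reader
# never sees a half-written report.
# Requires GNU date (-d) and GNU mv (-T).
set -u

# One date call so year/month/day cannot disagree across a midnight tick.
day_dir=$(date -d "5 min ago" +%Y/%Y-%m/%Y-%m-%d) || exit 1
flow_dir="/var/flow/$day_dir"

tmp_in=$(mktemp /tmp/flow-in.XXXXXX) || exit 1
tmp_out=$(mktemp /tmp/flow-out.XXXXXX) || { rm -f -- "$tmp_in"; exit 1; }
# Remove whatever was not renamed into place, on every exit path.
trap 'rm -f -- "$tmp_in" "$tmp_out"' EXIT

# The glob stays outside the quotes on purpose: it must expand to the ft* files.
flow-cat "$flow_dir"/ft* | flow-nfilter -F iamit-in | flow-stat -f 8 > "$tmp_in"
flow-cat "$flow_dir"/ft* | flow-nfilter -F iamit-out | flow-stat -f 9 > "$tmp_out"

# mktemp creates 0600 files; restore the world-readable mode a plain
# redirect would have produced so existing readers keep working.
chmod 644 "$tmp_in" "$tmp_out"

# -T treats the destination as a plain name, so a symlink (even one pointing
# at a directory) is replaced by the rename instead of being followed.
mv -f -T -- "$tmp_in" /tmp/flow-in.latest
mv -f -T -- "$tmp_out" /tmp/flow-out.latest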

cat /etc/mrtg/traffic.sh

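#!/bin/sh
# MRTG external-target helper: print the byte counters for one host.
#
# Usage: traffic.sh <ip-address>
# Reads the flow-stat reports /tmp/flow-in.latest and /tmp/flow-out.latest
# and prints two lines: inbound octets, then outbound octets. A host with no
# row in a report is printed as 0.

if [ "$#" -lt 1 ] || [ -z "$1" ]; then
  echo "usage: $0 <ip-address>" >&2
  exit 2
fi
TARGETIP=$1

# Print column 3 of the first row whose first column equals TARGETIP.
# The comparison is a literal string match: a regex/substring match would let
# 192.168.0.1 also select 192.168.0.10 and 192.168.0.100 (and "." would match
# any character), yielding several numbers or the wrong host's counter.
# Appending "" forces awk to compare as strings, never numerically.
# NOTE(review): assumes column 1 is the address and column 3 the octet count
# in flow-stat -f 8 / -f 9 output; confirm against the installed flow-tools.
lookup_octets() {
  awk -v ip="$TARGETIP" '($1 "") == (ip "") { print $3; exit }' "$1"
}

INBYTES=$(lookup_octets /tmp/flow-in.latest)
OUTBYTES=$(lookup_octets /tmp/flow-out.latest)

# The reports live in /tmp, so treat their content as untrusted: anything
# that is not a plain decimal counter (including "no row found") becomes 0.
case $INBYTES in
  '' | *[!0-9]*) INBYTES=0 ;;
esac
case $OUTBYTES in
  '' | *[!0-9]*) OUTBYTES=0 ;;
esac

printf '%s\n' "$INBYTES"
printf '%s\n' "$OUTBYTES"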

cat /etc/mrtg/192.168.0.100.conf

WorkDir: /var/www/mrtg/
Title[traffic.100]: Traffic statistics for 192.168.0.100
PageTop[traffic.100]: <H1>Traffic statistics for 192.168.0.100 </H1>
Target[traffic.100]: `/etc/mrtg/traffic.sh 192.168.0.100`
MaxBytes[traffic.100]: 1250000
Options[traffic.100]: growright,bits
Refresh: 300
Interval: 5
LegendI[traffic.100]: Input
LegendO[traffic.100]: Output
YLegend[traffic.100]: Bytes

cat /etc/mrtg/runstats.sh

#!/bin/sh
# Polling wrapper: refresh the flow-stat reports, then have MRTG read them.
# NOTE(review): presumably scheduled every 5 minutes to match "Interval: 5"
# in the MRTG config; confirm in the scheduler.

# Step 1: regenerate /tmp/flow-in.latest and /tmp/flow-out.latest.
/etc/mrtg/collect.sh

# Step 2: run MRTG with LANG=C in its environment; the exit status of this
# script is MRTG's.
LANG=C /usr/bin/mrtg /etc/mrtg/192.168.0.100.conf

/usr/bin/indexmaker --output=/var/www/mrtg/index.html --title="Power Under Control :)" --sort=name --enumerate *.conf

shitbox/netflow_mrtg.txt · Last modified: 2011/10/11 12:59 by slayer