aptitude install softflowd
vim /etc/default/softflowd
INTERFACE="eth1" OPTIONS="-n 127.0.0.1:9995"
/etc/init.d/softflowd start
aptitude install flow-tools
vim /etc/flow-tools/flow-capture.conf
-w /var/flow -n 1000 -N 3 127.0.0.1/127.0.0.1/9995
/etc/init.d/flow-capture restart
vim /etc/flow-tools/cfg/filter.cfg
filter-primitive iamit-range type ip-address-prefix permit 192.168.0.0/24 default deny filter-definition iamit-out match src-ip-addr iamit-range filter-definition iamit-in match dst-ip-addr iamit-range
cat /etc/mrtg/collect.sh
#!/bin/sh DATEY=`date -d "5 min ago" +%Y` DATEYM=`date -d "5 min ago" +%Y-%m` DATEYMD=`date -d "5 min ago" +%Y-%m-%d` flow-cat /var/flow/$DATEY/$DATEYM/$DATEYMD/ft*| flow-nfilter -F iamit-in|flow-stat -f 8 > /tmp/flow-in.latest flow-cat /var/flow/$DATEY/$DATEYM/$DATEYMD/ft*| flow-nfilter -F iamit-out|flow-stat -f 9 > /tmp/flow-out.latest
cat /etc/mrtg/traffic.sh
#!/bin/sh TARGETIP=$1 INBYTES=`cat /tmp/flow-in.latest|grep $TARGETIP|awk '{print $3}'` OUTBYTES=`cat /tmp/flow-out.latest|grep $TARGETIP|awk '{print $3}'` INBYTES=`expr $INBYTES + 0` OUTBYTES=`expr $OUTBYTES + 0` echo $INBYTES echo $OUTBYTES
cat /etc/mrtg/192.168.0.100.conf
WorkDir: /var/www/mrtg/ Title[traffic.100]: Traffic statistics for 192.168.0.100 PageTop[traffic.100]: <H1>Traffic statistics for 192.168.0.100 </H1> Target[traffic.100]: `/etc/mrtg/traffic.sh 192.168.0.100` MaxBytes[traffic.100]: 1250000 Options[traffic.100]: growright,bits Refresh: 300 Interval: 5 LegendI[traffic.100]: Input LegendO[traffic.100]: Output YLegend[traffic.100]: Bytes
cat /etc/mrtg/runstats.sh
#!/bin/sh /etc/mrtg/collect.sh env LANG=C /usr/bin/mrtg /etc/mrtg/192.168.0.100.conf
/usr/bin/indexmaker –output=/var/www/mrtg/index.html –title=“Power Under Control :)” –sort=name –enumerate *.conf