| View previous topic :: View next topic |
| Author |
Message |
LynZ
Apprentice
Joined: 05 Jan 2004
Posts: 220
Location: MIPT
|
 Posted: Wed Apr 06, 2005 10:12 pm Post subject: How do i organize a traffic counting system |
 |
|
Situation:
There is a net of approx 20-30 boxes. Needed to make a traffic counting system on a common router.
Needs. Minimum system load, traffic has to be counted and put into SQL base (preferably mysql)
Solution?
_________________
Athlon64 (Venice) 3200+ @ ABIT KN8 ULTRA
1 Gb DDR 400
ASUS GeForce 6200 64Mb PCI-X
2 x Samsung SpinPoint P80 80 Gb
SB Live! 5.1 Player
Sven IMHOO MT 5.1 |
|
| Back to top |
|
 |
tukachinchila
Apprentice
Joined: 11 Mar 2005
Posts: 274
Location: Oregon
|
| Posted: Thu Apr 07, 2005 6:52 am Post subject: |
|
|
What kind of traffic? Anything in particular (e.g., http, ftp), or all packets?
You could probably setup snort (which works well with mysql) to suit your needs. |
|
| Back to top |
|
|
MrUlterior
Guru
Joined: 22 Mar 2005
Posts: 511
Location: Switzerland
|
| Posted: Thu Apr 07, 2005 8:34 am Post subject: |
|
|
I do similar by setting up iptables rules for each "genre" of traffic (Eg: Ftp, Http, Irc , destination/source of the traffic (LAN ip). All of these rules use the RETURN target, so they have no impact upon the traffic - but once an hour I run iptables with its numeric options and output the byte counts per rule into a mysql table and flush the rule statistics.
The mysql tables serve as a round robin database of the last 720 hours (30 days) of traffic stats. For historical views of this info, every 30 days the table is renamed and a new one created.
_________________
Misanthropy 2.0 - enough hate to go around
|
|
| Back to top |
|
|
|
Networking & Security
