IP accounting
Ing. Radek Andrš
radek na indat.space.cz
Pátek Květen 30 08:39:34 CEST 1997
Zdravim timto vsechny v Linux-konferenci,
Mame takovy problem - potrebujeme totiz sledovat
mnozstvi dat protecenych
pres urcitou IP adresu a nevim jaky soft k tomu
pouzit.
Jestli nekdo o necem vite poradte mi prosim.
Zde je nas pripad:
Zatim pozivame net-account 0.4 avsak ten mi nemeri
prutok dat pres jiny subnet nasi site
konkretne- mame rozmaskovanou sit a jedna mala subsit
(255.255.255.252 = 4 IP adresy tj. 195.39.8.4-7)
je vyhrazena pro dalkove spojeni pevnou linkou (tj pro
router nas a naseho poskytovatele, pricemz nas
router to merit neumi (zn Dynastar 100) - meri pouze
pocet ramcu).
My bychom chteli prave zmerit objem dat prenesenych
pres tento subnet.
Nase interni sit ma masku 255.255.255.224 -
195.39.8.96-127).
Ja jsem na stanici-serveru 195.39.8.125 a chci merit
prutok dat pres 195.39.8.6.(WAN port naseho routeru
Dynastar).
Mozna mam i ten net-account spatne nakonfigurovan -
zde je vypis jeho konfigurace
obsah souboru nacctab
*******************************************************
************************
flush 300 # flush every 5
minutes
# this gives the interval in seconds
# when the accumulated data is flushed
# to the output file
fdelay 60 # this defines after how many seconds
# of inactivity a certain record of
# traffic information may be written out
# this helps making the logfiles smaller
# since only one output record will be
# generated for related traffic
file /var/log/uctoll/net-acct # defines
output file
# this is the regular output file of
# the daemon
dumpfile /var/log/uctoll/net-acct-dump # defines dump
file
# this is used to dump the not yet
# written information so this is not
# lost should the machine crash
# on startup an eventuelly existing
# file of this name will be moved
# to *.o
device eth0 # device to put into
promiscous mode
# you can specify as many as you want
# and you don't have to specify one
# (e.g. if this runs on your router)
ignoremask 255.255.255.128 # Ignore traffic on
same class C net
# This means traffic that is on
# your local LAN is not counted.
# This is useful for NFS etc.
# Not giving this option causes everything
# to be counted.
# This can degrade performance seriously!
ignorenet 127.0.0.0 255.0.0.0 # ignore loopback net
# You can define as many ignorenets as
# you want. Ignoring a net with
# ignorenet is not as efficient as
# ignoremask. Thus you should exclude
# your local network with ignoremask,
# not with ignorenet (although this is
# is possible).
debug 2 # set debugging level
debugfile /var/log/uctoll/nacctd.debug # where to put
debugging info
# For dynamic slip/ppp
#dynamicip /var/log/nacct # where files for dynamic
ip are stored
#dynamicnet 195.39.8.96 255.255.255.224 # on which
network are all the
# dynamically assigned adresses
exclude-name-lookup 195.39.8.126 255.255.255.255
exclude-name-lookup 195.39.8.125 255.255.255.255
exclude-name-lookup 195.39.8.124 255.255.255.255
exclude-name-lookup 195.39.8.97 255.255.255.255
exclude-name-lookup 195.39.8.98 255.255.255.255
exclude-name-lookup 195.39.8.99 255.255.255.255
exclude-name-lookup 195.39.8.6 255.255.255.255
# For disabling certain fields
# This is commented out by default
# disable 2 # disable output of protocol
# For excluding certain hosts from ignoring
# This can be useful for a kludgy way to account for
proxy traffic, you'd then
# add your proxy server here.
# I guess I should consider using some filter
language...
# This is commented out by default
# This does not affect addresses excluded by
ignoremask,
# as this would impose too much of a performance
penalty
# dontignore 127.3.4.5 255.255.255.255 # Don't ignore
host 127.3.4.5,
# although it would be excluded by
# above ignorenet statement
# line sl0 ttyS0 # On way to
# assign traffic to a user is if both
# of the following conditions meet:
# a) nacctd runs on the ppp/slip server
# b) the relation between network interface
# (e.g. sl0, ppp1) and serial line (e.g.
# ttyS1) is fixed.
# You can give as many line statements
# as you want
# There is a better way now, so this is
# commented out
*******************************************************
*******************************************************
*
Sdruzeni INTERDATA
Ing. Radek Andrs
tel.: 0413-334270
e-mail: radek na indat.space.cz
Další informace o konferenci Linux