List:       fedora-list
Subject:    Re: Logging system usage -
From:       Bob Goodwin <bobgoodwin () wildblue ! net>
Date:       2011-03-30 22:37:01
Message-ID: 4D93B08D.4090600 () wildblue ! net

On 30/03/11 15:10, Lamar Owen wrote:
> On Wednesday, March 30, 2011 02:40:16 pm Bob Goodwin wrote:
> > Netflow says their application is not intended for home use?
> > It's not clear to me if that has to be installed in a
> > computer/router or if it's something I can install here in this
> > computer or if it might already be installed in some routers out
> > of the box?
> Sorry for overwhelming with info;  here's the simpler version.
> 
> Netflow data export is a way the router can keep track of 'flows' of
> data (think of a flow as a connection; it isn't really, but it's still
> a good analogy) and export data on those flows passing through it to a
> 'collector.'  DD-WRT apparently has some support for netflow data
> export (NDE for short) in this manner.  One of the links I sent was a
> page that listed a few things about that, and possibly more links to
> how to set that up in DD-WRT.
>
> Once you have NDE set up to export (but before you actually turn the
> export on) you need to set up the collector; this is the ntop package
> that is included in Fedora.  It is a web-based application; there are
> other flow collectors, but the key thing is that the box running the
> collector needs to have its firewall opened for the export from the
> router, and the router needs to know to export the flow data to that
> IP address.
>
> Once you have ntop collecting the flows, you can get all kinds of
> statistics on the top talkers, total bandwidth, connections used, IP
> addresses contacted, just to start.
>
> The setup isn't the easiest in the world; but, then again you have
> DD-WRT set up, so you've apparently got at least part of the skillset
> needed.  Just tackle it with patience, and you can make that work.
>
> A hub and doing the collection with a sniffer and ntop will also work,
> but hubs have their own problems, and unless you'd just rather do it
> that way, having the router do NDE is the simplest way of getting the
> information you want.
>
> I'm doing this, using CentOS and ntop, with several Cisco routers of
> various types (a couple of 12000 series, a 7609, a 7206, a 7507, and a
> 7401) and it works pretty well.  On CentOS 4 ntop isn't exceptionally
> stable; not a whole lot better on CentOS 5, but I would expect that
> the latest and greatest running on F14 might be the ticket.
>
> But my setup isn't the typical home setup, either, so your mileage may
> vary.
>
> What would be the 'cat's meow' would be ntop or similar integrated
> into the DD-WRT or other similar router interface, then it's all
> 'appliance based' and easy.

        Well I'm still overwhelmed but I installed ntop and it turns out
        that dd-wrt has a function called Rflow, and another MACupd
        which I also enabled, and I am getting some pretty impressive
        displays.

        It looks like it will do what I want if I can just master its
        operation. I will have fun with this! It is serious business
        though, I've got to get usage under control or they throttle
        user speed and threaten worse!

        I'll be back with questions once I know what to ask.

        Thanks all for the excellent help and advice.

        Bob
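
Added example, not part of either message above: a minimal Python sketch of what a flow collector does with the router's export, parsing one export datagram and totalling bytes per LAN host. It assumes the export uses the NetFlow version 5 record layout (the thread does not say which version DD-WRT's Rflow emits); the function names, addresses and byte counts are constructed for illustration.

```python
import ipaddress
import socket
import struct
from collections import Counter

HEADER = struct.Struct("!HHIIIIBBH")                # 24-byte NetFlow v5 header
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # 48-byte v5 flow record

def parse_v5(datagram):
    """Return (src, dst, protocol, packets, octets) for each flow record."""
    if len(datagram) < HEADER.size:
        raise ValueError("shorter than a NetFlow v5 header")
    version, count = HEADER.unpack_from(datagram)[:2]
    if version != 5:
        raise ValueError(f"unsupported export version {version}")
    # Exports arrive over unauthenticated UDP: check count (v5 maximum is 30) against the length.
    if count > 30 or len(datagram) < HEADER.size + count * RECORD.size:
        raise ValueError("record count does not match datagram length")
    flows = []
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        flows.append((socket.inet_ntoa(f[0]), socket.inet_ntoa(f[1]), f[13], f[5], f[6]))
    return flows

def usage_by_host(datagrams, lan):
    """Sum octets sent or received by each address inside the LAN prefix."""
    net = ipaddress.ip_network(lan)
    totals = Counter()
    for datagram in datagrams:
        for src, dst, _proto, _pkts, octets in parse_v5(datagram):
            for addr in (src, dst):
                if ipaddress.ip_address(addr) in net:
                    totals[addr] += octets
    return totals

def build_sample():
    """Constructed export datagram: three flows on a made-up 192.168.1.0/24 LAN."""
    flows = [("192.168.1.10", "203.0.113.5", 6, 40, 52000),
             ("203.0.113.5", "192.168.1.10", 6, 900, 1300000),
             ("192.168.1.20", "198.51.100.7", 17, 12, 4800)]
    body = b"".join(
        RECORD.pack(socket.inet_aton(s), socket.inet_aton(d), bytes(4), 1, 2,
                    pkts, octets, 0, 1000, 40000, 443, 0, 0, proto, 0, 0, 0, 0, 0, 0)
        for s, d, proto, pkts, octets in flows)
    return HEADER.pack(5, len(flows), 60000, 1301524621, 0, 1, 0, 0, 0) + body

if __name__ == "__main__":
    for host, octets in usage_by_host([build_sample()], "192.168.1.0/24").most_common():
        print(f"{host:15} {octets:>10} bytes")
```

A live collector would feed `parse_v5` from a UDP socket bound to the port the router exports to, with the firewall on that box opened only for the router's address.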
