Re: Logging system usage -

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 30/03/11 15:10, Lamar Owen wrote:
> On Wednesday, March 30, 2011 02:40:16 pm Bob Goodwin wrote:
>>          Netflow says their application is not intended for home use?
>>          It's not clear to me if that has to be installed in a
>>          computer/router or if it's something I can install here in this
>>          computer or if it might already be installed in some routers out
>>          of the box?
> Sorry for overwhelming with info;  here's the simpler version.
>
> Netflow data export is a way the router can keep track of 'flows' of data (think of a flow as a connection; it isn't really, but it's still a good analogy) and export data on those flows passing through it to a 'collector.'  DD-WRT apparently has some support for netflow data export (NDE for short) in this manner.  One of the links I sent was a page that listed a few things about that, and possibly more links to how to set that up in DD-WRT.
>
> Once you have NDE set up to export (but before you actually turn the export on) you need to set up the collector; this is the ntop package that is included in Fedora.  It is a web-based application; there are other flow collectors, but the key thing is that the box running the collector needs to have its firewall opened for the export from the router, and the router needs to know to export the flow data to that IP address.
>
> Once you have ntop collecting the flows, you can get all kinds of statistics on the top talkers, total bandwidth, connections used, IP addresses contacted, just to start.
>
> The setup isn't the easiest in the world; but, then again you have DD-WRT set up, so you've apparently got at least part of the skillset needed.  Just tackle it with patience, and you can make that work.
>
> A hub and doing the collection with a sniffer and ntop will also work, but hubs have their own problems, and unless you'd just rather do it that way, having the router do NDE is the simplest way of getting the information you want.
>
> I'm doing this, using CentOS and ntop, with several Cisco routers of various types (a couple of 12000 series, a 7609, a 7206, a 7507, and a 7401) and it works pretty well.  On CentOS 4 ntop isn't exceptionally stable; not a whole lot better on CentOS 5, but I would expect that the latest and greatest running on F14 might be the ticket.
>
> But my setup isn't the typical home setup, either, so your mileage may vary.
>
> What would be the 'cat's meow' would be ntop or similar integrated into the DD-WRT or other similar router interface, then it's all 'appliance based' and easy.

        Well I'm still overwhelmed but I installed ntop and it turns out
        that dd-wrt has a function called Rflow, and another MACupd
        which I also enabled, and I am getting some pretty impressive
        displays.

        It looks like it will do what I want if I can just master it's
        operation. I will have fun with this! It is serious business
        though, I've got to get usage under control or they throttle
        user speed and threaten worse!

        I'll be back with questions once I know what to ask.

        Thanks all for the excellent help and advice.

        Bob

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux