Date: Wed, 03 Sep 2008 01:12:14 +0100 From: Howard Jones <howie@thingy.com> To: freebsd-isp@freebsd.org Subject: Re: [freebsd-isp] B/W Monitoring with IPFW Message-ID: <48BDD65E.4040902@thingy.com> In-Reply-To: <20080902185102.GA7176@crosswinds.net> References: <20080902185102.GA7176@crosswinds.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Tony Holmes wrote: > I have simply gotten buried in the many options for monitoring and > graphing b/w data and just need a pointer from experienced people > at solutions. > > I have a dedicated FreeBSD 4.10 (yeah it's old) firewall with IPFW > and the appropriate counter rules installed. Each counter rule has > an in and out rule for the boxes (contained in a Class-C block) that > I wish to monitor. > > I have a dedicated monitoring box for presenting of data. Collecting > every 5 mins will be the standard. > > I wish to have a delve-down of the following: > > Level 1: Summary of all traffic in/out > Level 2: Summary of host in/out - these will be grouped by IP/function > I use dedicated server/jails for functions (http on one, ftp one > another, etc) > Level 3: Detail of each individual IP > > I've gotten lost in the options - mrtg, rrdtool, cacti... using custom script, > snmpd... the list goes on. In all my years I've never done this part myself and > now I find I need to. > Extending net-snmp to do this, and then using anything that can read/graph/report SNMP (cacti, mrtg, cricket etc) is pretty straightforward. If you can make a simple shell script to get the value you want (e.g. ipfw show 400 | cut -f3 -d' ') then this works OK as a starting point. I have a similar example on my site: http://wotsit.thingy.com/haj/cacti/cacti-dynfirewall.html (and a few more on there). You might also want to look at ng_netflow or ntop - can't remember if netgraph/ng_* was in 4.10 though. To get down to per-IP without having a huge number of ipfw count rules, these two might fit better. Howie
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48BDD65E.4040902>