LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-27-2010, 03:24 AM   #1
sem007
Member
 
Registered: Nov 2006
Distribution: RHEL, CentOS, Debian Lenny, Ubuntu
Posts: 638

Rep: Reputation: 111Reputation: 111
Internet Gateway Monitoring


Hello Friends,

In one of our network we are using one firewall which is works as gateway. all machines are able to access internet through this gateway. There is no filtering and any internet restriction. I would like to setup monitoring system which monitor and log bandwidth and sites access by client machine.

Is there any tool which monitor internet access as well as sites which are access from client machines.

Any other solution which suitable my requirement is also appreciated.

Any idea/experience highly appreciated.

Regards,
 
Old 09-27-2010, 03:32 AM   #2
prayag_pjs
Senior Member
 
Registered: Feb 2008
Location: Pune - India
Distribution: Fedora,RedHat,CentOS,Gentoo
Posts: 1,138
Blog Entries: 4

Rep: Reputation: 147Reputation: 147
Hi try SARG

Sarg - Squid Analysis Report Generator is a tool that allow you to view "where" your users are going to on the Internet.
Sarg provides many informations about Squid users activities: times, bytes, sites, etc...
 
Old 09-27-2010, 03:32 AM   #3
prayag_pjs
Senior Member
 
Registered: Feb 2008
Location: Pune - India
Distribution: Fedora,RedHat,CentOS,Gentoo
Posts: 1,138
Blog Entries: 4

Rep: Reputation: 147Reputation: 147
Configure your gateway as transparent proxy
 
Old 09-27-2010, 03:40 AM   #4
sem007
Member
 
Registered: Nov 2006
Distribution: RHEL, CentOS, Debian Lenny, Ubuntu
Posts: 638

Original Poster
Rep: Reputation: 111Reputation: 111
prayag_pjs,

Thanks for you replay but Squid is not setup in my network but i am using hardware firewall at gateway level.

Regards,
 
Old 09-27-2010, 03:43 AM   #5
prayag_pjs
Senior Member
 
Registered: Feb 2008
Location: Pune - India
Distribution: Fedora,RedHat,CentOS,Gentoo
Posts: 1,138
Blog Entries: 4

Rep: Reputation: 147Reputation: 147
Hi,

See most successful solution is through transparent proxy only.Forward all the traffic from hardware firewall to proxy(squid)

Last edited by prayag_pjs; 09-27-2010 at 04:51 AM.
 
Old 09-27-2010, 04:04 AM   #6
janhe
Member
 
Registered: Jul 2007
Location: Belgium
Distribution: slackware64 13.1, slackware 13.1
Posts: 369

Rep: Reputation: 49
I've done bandwidth monitoring with iptables, and one (dummy) rule for each client IP. That setup does require static IPs on the LAN.

You can see the bandwidth used with iptables -L -v then.
 
Old 09-27-2010, 04:12 AM   #7
sem007
Member
 
Registered: Nov 2006
Distribution: RHEL, CentOS, Debian Lenny, Ubuntu
Posts: 638

Original Poster
Rep: Reputation: 111Reputation: 111
Quote:
Originally Posted by prayag_pjs View Post
Hi,

See most successfully solution is through transparent proxy only.Forward all the traffic from hardware firewall to proxy(squid)
hmmm.....

But in my network some clients are using other application like outlook, vpn connection etc.

Can suid handle all traffic ?
I thinks with squid we can only allow http traffic. (squid is http proxy).


Regards,
 
Old 09-27-2010, 04:16 AM   #8
sem007
Member
 
Registered: Nov 2006
Distribution: RHEL, CentOS, Debian Lenny, Ubuntu
Posts: 638

Original Poster
Rep: Reputation: 111Reputation: 111
Quote:
Originally Posted by janhe View Post
I've done bandwidth monitoring with iptables, and one (dummy) rule for each client IP. That setup does require static IPs on the LAN.

You can see the bandwidth used with iptables -L -v then.
Thanks for suggestion but bandwidth monitoring is not big issue.

I think i can use vnstat instead of creating rules for each client.

Regards,
 
Old 09-27-2010, 05:02 AM   #9
prayag_pjs
Senior Member
 
Registered: Feb 2008
Location: Pune - India
Distribution: Fedora,RedHat,CentOS,Gentoo
Posts: 1,138
Blog Entries: 4

Rep: Reputation: 147Reputation: 147
But at least you will be able to monitor http requests.In transparent mode works great.
 
Old 09-28-2010, 05:24 AM   #10
janhe
Member
 
Registered: Jul 2007
Location: Belgium
Distribution: slackware64 13.1, slackware 13.1
Posts: 369

Rep: Reputation: 49
Quote:
Originally Posted by sem007 View Post
...
But in my network some clients are using other application like outlook, vpn connection etc.

Can suid handle all traffic ?
I thinks with squid we can only allow http traffic. (squid is http proxy).
...
So you want to monitor where your network users get their mail, where they make vpn tunnels to, where they <insert protocol here> ?

You could use the iptables LOG target, but that would mean a lot of data in your logs. Of course, you could log only the connections you don't expect.


For http traffic, a proxy is the best solution.

Or do you want deep packet inspection?
 
Old 02-08-2011, 03:27 PM   #11
dine
LQ Newbie
 
Registered: Oct 2009
Posts: 4

Rep: Reputation: 0
hello all,
sorry for my bad english i installed sarg-2.2.3.1 in RHEL5 but its not working properly, i think am wrongly configured sarg.conf file

Please to help me how to configure


Regards
dinesh

Last edited by dine; 02-08-2011 at 04:37 PM.
 
Old 02-11-2011, 06:27 AM   #12
janhe
Member
 
Registered: Jul 2007
Location: Belgium
Distribution: slackware64 13.1, slackware 13.1
Posts: 369

Rep: Reputation: 49
Please start a new topic for your question.
This topic is old and unrelated, you'll get better responses if you have a topic of your own.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux gateway traffic monitoring saifurab Linux - Server 3 05-23-2007 01:06 AM
Setting up a gateway server with bandwidth monitoring? critical Linux - Networking 4 03-27-2006 08:32 AM
Setting up a gateway server with bandwidth monitoring? critical Linux - Software 1 03-27-2006 01:38 AM
Setting up a gateway server with bandwidth monitoring? critical Linux - Software 0 03-26-2006 10:52 PM
Networking monitoring through use of gateway? Transition Linux - Software 1 12-13-2005 04:20 PM


All times are GMT -5. The time now is 12:51 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration