Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I am running a linux firewall and I was wondering if anybody knew of some good traffic logging software. Ok I am not really concerned about tracking the amount of traffic on the router, but if I go to google or linux.com then I want the router to log the full address and the time. If I can only log the IP addresses and the pages of that ip then that would be ok but I'd rather have it the other way.
One side note, I am doing this just for my own amusement. I'm not trying to spy on my family (I live alone) or anything devious like that. But truth be told, I'd like to implement something like this at work because we're having lots of trouble with this and I'm the one who gets to spend 2 hrs cleaning off infested Windows PCs. It would be nice for people to think they can't just browse anywhere anytime (It is a hospital.... I'm pretty sure they have better things to do than download games).
But anyhow, any suggestions anybody could give me would be mucho appreciato.
Most of our client PCs here are W2k. We have some software that needs admin priveleges to work. Not all PCs need the software so we limit some PCs. This is one of those problems that goes in waves. We'll see a lot, then crack down on it. Then the problem subsides for a while. We have a firewall that has some logging capablilites; we just need to get people thinking we are going to start checking those daily again.
have you built the chart libs before configuring ntop?
you can read about building them in ntop/docs/BUILD-NTOP.txt:
in addition to the 2 points below, you may read point 1 as it lists what's needed to build ntop.
alternatively, try searching www.rpmfind.net for appropriate rpms' - in this case, you don't have to configure/compile it yourself.
if you absolutely don't want to use ntop, maybe iptraf (homepage can help out.
2. Build chart libraries
- cd gdchart0.94c/
- cd gd-1.8.3/libpng-1.2.4
- cp scripts/makefile.[make your choice] Makefile
- cd ../../zlib-1.1.4/
- cd ..
If you're using a gcc-powered system you can type
- cd gdchart0.94c/
Note: It MAY be necessary for some of these packages on some systems
to do a "make install". If you get error messages concerning
missing libraries at run time, then try doing the make install
from the appropriate subdirectory.
If you want to log web usage, you might think about squid........you can turn off the caching function and just have it log all of your traffic. You then could block all outgoing web requests at the firewall unless it originates from the squid proxy server. From there have all of the Windows clients configure their browsers to use the squid proxy server.
This could have 2 advantages for you.
1.) It doesnt let out internet traffic (through the firewall) that doesnt go through the proxy server first.
2.) It makes sure they know that you are watching what they are doing by having them change the proxy settings. You can add passwords also I believe per user.
Ok. I've got ntop running on my home router. I went to my web interface to see if it logged where I went and it did. I don't think it gave the full address (the directory and page name that was visited) but that's ok for now. The problem I have is that it shows where I went for the last hour and that's it. I want more info than that. I'd like a weeks worth of information and I'd like to have a few weeks worth backed up so I could review last weeks if possible. Is this possible w/ this program? I'm impressed w/ the info it has given thus far, but I need more.
Here is my command to start it:
/usr/local/bin/ntop -d -i eth1 -p HTTP=http,https -r 120 -w 10001 -W 0 -u xuser -P /var/spool/ntop -s