Linux - Desktop This forum is for the discussion of all Linux Software used in a desktop context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
|
08-30-2006, 07:40 PM
|
#1
|
LQ Newbie
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9
Rep:
|
Bandwidth Monitor (That keeps logs)
I recently decided to try linux and installed Ubuntu 6.06. I tried looking for bandwidth monitors that kept logs but I couldn't find any or it was something I had to compile (I have no idea how to compile anything). Does anyone know of a bandwidth monitor that keeps logs of daily/monthly/yearly bandwidth usage?
|
|
|
08-31-2006, 01:17 PM
|
#2
|
LQ 5k Club
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
|
Cron this:
Code:
0-59 * * * * /sbin/iptables -vnxZ -L | perl -e '@in=<>; foreach $rule ( @in ){ if( $rule =~ m/ACCEPT/ ){ @rule=split /\s+/, $rule; $bytes += $rule[2];}} $t=scalar localtime(time); $t =~ m/[A-z][a-z][a-z] (.+)/; print "$1 $bytes\n";' >> /var/log/iptablesStats.log
Gets you a minute-by-minute log of all network traffic recorded by iptables. It might break depending on your firewall configuration, or the exact formatting of iptables' reporting, but the basic premise should be discernable. It has been working for me for years. I use logrotate to rotate the logs, and have a php script to plot the results on a simple graph accessible via the web.
--- rod.
|
|
|
08-31-2006, 03:23 PM
|
#3
|
LQ Newbie
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9
Original Poster
Rep:
|
What exactly does 'cron' mean.
|
|
|
08-31-2006, 04:16 PM
|
#4
|
Member
Registered: May 2006
Location: England
Distribution: Slackware 10.2, Slamd64
Posts: 249
Rep:
|
Quote:
Originally Posted by JDawg06
What exactly does 'cron' mean.
|
According to wikipedia, the name is derived from Greek chronos, meaning time.
|
|
|
08-31-2006, 04:25 PM
|
#5
|
LQ 5k Club
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
|
Okay, sorry. Forgot you are a greenhorn.
First, a general answer: when confronted with an unknown command, try apropos, as in
That will often give you a decent idea of what the command is all about.
Next, if you want to know the details of how to use the command, use man:
Often, man will have a section called 'see also', which in this case would be completely germaine to your question.
Code:
SEE ALSO
crontab(1), crontab(5), pam(8)
Tells you to also do
and
Bottom line: read the man pages, and create a crontab file using the example I quoted above. If it doesn't work, come back for more help, or with a fix, if you manage to fix it yourself.
Hope this helps.
--- rod.
|
|
|
08-31-2006, 11:47 PM
|
#6
|
LQ Newbie
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9
Original Poster
Rep:
|
Alright I found out how to make my own crontab, but ran into some problems.
Wouldn't let me put links since I didn't have 3 posts.
img.photobucket.com/albums/v297/SiKTheGreatOne/Crontab.jpg
img.photobucket.com/albums/v297/SiKTheGreatOne/Crontab2.jpg
|
|
|
09-01-2006, 10:57 AM
|
#7
|
LQ 5k Club
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
|
The only problem I see is that it needs to be done as root. It is hard to grab your exact entries to try locally when it is in an image file. All I can guess is that there is a hidden character in there somewhere or maybe Ubuntu's crontab format is different from mine, although that seems improbable. Re-read your man page for the time specification part of the crontab entry. It is complaining about the format of the time specifiers, but when I retry the same command copied and pasted from this forum, I don't get any complaint from my crontab editor. Try replacing the command part of the crontab entry with something really simple like 'ls ~', just to make sure the command itself isn't actually fouling things up. Try using minutes specifiers of 1-60, 1-59. Try a specific list like "0,5,10,15,20,25,30,35,40,45,50,55". In general, for these kinds of problems, simplify things to the point that there are no errors and then start adding stuff back so you can see exactly where the problem originates.
It would be helpful if you could cut & paste the text into this forum, especially if you don't intend to keep those links alive in perpetuity. Others who read this later will lose the continuity, which is part of the point of keeping all of the questions open to all to read.
Now, having said all of this, I do now see where the perl script will fail if your firewall default policies are ACCEPT. I will re-work the script to accomodate that, and post it here when it is ready.
Maybe some other Ubuntu user can try the same crontab entry and post results here....
--- rod.
|
|
|
09-03-2006, 01:50 AM
|
#8
|
LQ Newbie
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9
Original Poster
Rep:
|
Alright I logged in as root and did it successfully, next time I log in do I need to login as root for the thing to work.
I'm looking at the iptablesStats.log and it doesn't seem to be working.
Sep 3 01:46:01 2006 0
Sep 3 01:47:01 2006 0
Sep 3 01:48:01 2006 0
Sep 3 01:49:01 2006 0
|
|
|
09-04-2006, 12:02 PM
|
#9
|
LQ 5k Club
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
|
Can you post the results of:
Code:
/sbin/iptables -vnx -L
(as root, of course)
This will help me make sure I get the perl script modifications correct for you.
Here is a preliminary try that may work.
Code:
/sbin/iptables -vnx -L | perl -e 'while( <> ){ if($_ =~ m/policy ACCEPT/ && $_ =~ m/([0-9]+)\s+bytes/){$bytes+=$1;}}$t=scalar localtime(time); $t =~ m/[A-z][a-z][a-z] (.+)/; print "$1 $bytes\n";'
You can run this from the commandline, as root, for a quick test.
--- rod.
|
|
|
09-04-2006, 02:34 PM
|
#10
|
LQ Newbie
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9
Original Poster
Rep:
|
Output of /sbin/iptables -vnx -L:
Code:
Chain INPUT (policy ACCEPT 146 packets, 129994 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 106 packets, 10713 bytes)
pkts bytes target prot opt in out source destination
Output of the second code:
Sep 4 14:31:30 2006 144686
Does this log both download/upload?
|
|
|
09-04-2006, 06:27 PM
|
#11
|
LQ 5k Club
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
|
It looks like that does it. The numbers don't add up in the two parts of your post, but I assume that is because they are from two separate runs. The total recorded is the sum of all three chains; INPUT, OUTPUT, and FORWARD (which should be zero except on a router or firewall). If you change your iptables configuration, the perl script will have to be modified accordingly.
--- rod.
|
|
|
09-04-2006, 09:03 PM
|
#12
|
LQ Newbie
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9
Original Poster
Rep:
|
So how do I tell the difference between download and upload?
I found ntop: http://www.ntop.org/overview.html
But I have no idea how to install it.
|
|
|
09-04-2006, 10:33 PM
|
#13
|
LQ 5k Club
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
|
You can't, because that's not what you asked for. If you want a total network analyzer package, then ntop is probably the thing you want. Since you have found something you want, now is probably the time to get a primer in installing these kinds of things.
First, you want to get the package. If Ubuntu uses RPM's, look on rpmfind or pbone, and see if they have a package for your particular distribution. If yes, just download it, and install it with 'rpm -ihv' (as root, of course).
If no RPM available, download the compressed tar file from sourceforge.
These next steps apply to the vast majority of source tar-balls:
1. untar it with 'tar -zxvf ntop-blah-blah.tgz'.
2. cd ntop-blah-blah
2a - more ./INSTALL or ./README or ./Read.Me......
3. ./configure
4. make
5. make install
The configure step may point out missing dependencies, which you address by downloading and installing said dependencies (all the while becoming acquainted with the term 'dependency hell').
Welcome to the Free Open Source Software world. :-)
--- rod.
|
|
|
09-04-2006, 10:59 PM
|
#14
|
LQ Newbie
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9
Original Poster
Rep:
|
Configure does prove to be troublesome.
Code:
configure: error: no acceptable C compiler found in $PATH
I tried before to get a C compiler and failed.
Which C compiler do you suggest?
Edit: The 'build-essentials' package was not installed, now to find more dependencies.
Edit: Wow...Alright, for ntop I need libpcap and for libpcap I need flex and for flex I need GNU M4 1.4. However I installed GNU M4 1.4 but flex won't install  .
Edit: Went to ubuntu site for libpcap package(Supposedly tcpdump.org has trojans...I hope not), libgdbm package.
New problem, I installed gd and gd-devel and still get this message when trying to configure ntop.
Code:
*******************************************************************
*
* ERROR: gd header or library routines are missing
* (yes means it was found, no means it was not found)
*
* gd.h...yes
* gdImageDestroy() in -lgd...no
*
*>>> No way to proceed.
*
*??? Install gd (and/or gd-devel), check www.boutell.com/gd
*??? and Rerun ./configure
*
*******************************************************************
Last edited by JDawg06; 09-05-2006 at 01:43 AM.
|
|
|
09-05-2006, 10:13 AM
|
#15
|
LQ 5k Club
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
|
Quote:
I tried before to get a C compiler and failed.
Which C compiler do you suggest?
|
The only one that should be an option is Gnu CC, aka gcc.
It sounds like you really should install the Ubuntu developer's version. The distributions that I am most acquainted with have an installation option to install a toolset for software development. That would include a host of compilers, and associated tools, libraries, etc. (like flex & M4,for instance). The good thing about going this route is that all the components will likely have been tested for compatibility, and the set should be relatively complete. Maybe these are the things in the 'build-essentials' package that you mention. If you have a fresh Linux install without too much customization done that you don't want to throw away, I suggest you do a re-install and select a complete install with everything available in the distribution. All I know about Ubuntu is that it is touted as a good system for beginners and non developers. Perhaps a different distro such as Fedora Core or Suse is worth considering.
I just did a quick look, and it seems like synaptic is the weapon of choice for installing packages in Ubuntu. If you want to install most things, using that should be your first choice.
The issue with gdImageDestroy must mean that ntop relies on a specific version of the gd lib; hopefully the most recent version. A quick scan of the Boutell.com site doesn't reveal anything about that call, and it doesn't sound like anything very unusual, so my guess is that the error you are seeing has more to do with the way in which your gd library is installed. Did you get yours from boutell.com or one of it's mirrors?
If you are concerned about trojans, I suggest installing packages obtained from large repositories such as sourceforge.net. AFAIK, trojans are rarely distibuted as source code, because it would be fairly easy to spot and remove, and any trojan-bearing code from a place like sourceforge would be quickly detectd and erradicated. A mature library like libpcap is almost certain not to contain any trojan. Good of you to be concerned about that kind of thing, though.
Hope all of this doesn't seem too scarey. Once you get the hang of it, it opens up a lot of possibilities. You'll be better off for your efforts. The progress you've already made tells me you will manage just fine.
--- rod.
|
|
|
All times are GMT -5. The time now is 05:38 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|