LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Desktop
User Name
Password
Linux - Desktop This forum is for the discussion of all Linux Software used in a desktop context.

Notices


Reply
  Search this Thread
Old 08-30-2006, 07:40 PM   #1
JDawg06
LQ Newbie
 
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9

Rep: Reputation: 0
Bandwidth Monitor (That keeps logs)


I recently decided to try linux and installed Ubuntu 6.06. I tried looking for bandwidth monitors that kept logs but I couldn't find any or it was something I had to compile (I have no idea how to compile anything). Does anyone know of a bandwidth monitor that keeps logs of daily/monthly/yearly bandwidth usage?
 
Old 08-31-2006, 01:17 PM   #2
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
Cron this:
Code:
0-59 * * * * /sbin/iptables -vnxZ -L | perl -e '@in=<>; foreach $rule ( @in ){ if( $rule =~ m/ACCEPT/ ){ @rule=split /\s+/, $rule; $bytes += $rule[2];}} $t=scalar localtime(time); $t =~ m/[A-z][a-z][a-z] (.+)/; print "$1  $bytes\n";' >> /var/log/iptablesStats.log
Gets you a minute-by-minute log of all network traffic recorded by iptables. It might break depending on your firewall configuration, or the exact formatting of iptables' reporting, but the basic premise should be discernable. It has been working for me for years. I use logrotate to rotate the logs, and have a php script to plot the results on a simple graph accessible via the web.

--- rod.
 
Old 08-31-2006, 03:23 PM   #3
JDawg06
LQ Newbie
 
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9

Original Poster
Rep: Reputation: 0
What exactly does 'cron' mean.
 
Old 08-31-2006, 04:16 PM   #4
soggycornflake
Member
 
Registered: May 2006
Location: England
Distribution: Slackware 10.2, Slamd64
Posts: 249

Rep: Reputation: 31
Quote:
Originally Posted by JDawg06
What exactly does 'cron' mean.
According to wikipedia, the name is derived from Greek chronos, meaning time.
 
Old 08-31-2006, 04:25 PM   #5
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
Okay, sorry. Forgot you are a greenhorn.
First, a general answer: when confronted with an unknown command, try apropos, as in
Code:
apropos cron
That will often give you a decent idea of what the command is all about.
Next, if you want to know the details of how to use the command, use man:
Code:
man cron
Often, man will have a section called 'see also', which in this case would be completely germaine to your question.
Code:
SEE ALSO
       crontab(1), crontab(5), pam(8)
Tells you to also do
Code:
man crontab
and
Code:
man 5 crontab
Bottom line: read the man pages, and create a crontab file using the example I quoted above. If it doesn't work, come back for more help, or with a fix, if you manage to fix it yourself.

Hope this helps.

--- rod.
 
Old 08-31-2006, 11:47 PM   #6
JDawg06
LQ Newbie
 
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9

Original Poster
Rep: Reputation: 0
Alright I found out how to make my own crontab, but ran into some problems.

Wouldn't let me put links since I didn't have 3 posts.

img.photobucket.com/albums/v297/SiKTheGreatOne/Crontab.jpg

img.photobucket.com/albums/v297/SiKTheGreatOne/Crontab2.jpg
 
Old 09-01-2006, 10:57 AM   #7
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
The only problem I see is that it needs to be done as root. It is hard to grab your exact entries to try locally when it is in an image file. All I can guess is that there is a hidden character in there somewhere or maybe Ubuntu's crontab format is different from mine, although that seems improbable. Re-read your man page for the time specification part of the crontab entry. It is complaining about the format of the time specifiers, but when I retry the same command copied and pasted from this forum, I don't get any complaint from my crontab editor. Try replacing the command part of the crontab entry with something really simple like 'ls ~', just to make sure the command itself isn't actually fouling things up. Try using minutes specifiers of 1-60, 1-59. Try a specific list like "0,5,10,15,20,25,30,35,40,45,50,55". In general, for these kinds of problems, simplify things to the point that there are no errors and then start adding stuff back so you can see exactly where the problem originates.

It would be helpful if you could cut & paste the text into this forum, especially if you don't intend to keep those links alive in perpetuity. Others who read this later will lose the continuity, which is part of the point of keeping all of the questions open to all to read.

Now, having said all of this, I do now see where the perl script will fail if your firewall default policies are ACCEPT. I will re-work the script to accomodate that, and post it here when it is ready.

Maybe some other Ubuntu user can try the same crontab entry and post results here....

--- rod.
 
Old 09-03-2006, 01:50 AM   #8
JDawg06
LQ Newbie
 
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9

Original Poster
Rep: Reputation: 0
Alright I logged in as root and did it successfully, next time I log in do I need to login as root for the thing to work.

I'm looking at the iptablesStats.log and it doesn't seem to be working.

Sep 3 01:46:01 2006 0
Sep 3 01:47:01 2006 0
Sep 3 01:48:01 2006 0
Sep 3 01:49:01 2006 0
 
Old 09-04-2006, 12:02 PM   #9
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
Can you post the results of:
Code:
/sbin/iptables -vnx -L
(as root, of course)
This will help me make sure I get the perl script modifications correct for you.

Here is a preliminary try that may work.
Code:
/sbin/iptables -vnx -L | perl -e 'while( <> ){ if($_ =~ m/policy ACCEPT/ && $_ =~ m/([0-9]+)\s+bytes/){$bytes+=$1;}}$t=scalar localtime(time); $t =~ m/[A-z][a-z][a-z] (.+)/; print "$1  $bytes\n";'
You can run this from the commandline, as root, for a quick test.

--- rod.
 
Old 09-04-2006, 02:34 PM   #10
JDawg06
LQ Newbie
 
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9

Original Poster
Rep: Reputation: 0
Output of /sbin/iptables -vnx -L:
Code:
Chain INPUT (policy ACCEPT 146 packets, 129994 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 106 packets, 10713 bytes)
    pkts      bytes target     prot opt in     out     source               destination
Output of the second code:
Sep 4 14:31:30 2006 144686

Does this log both download/upload?
 
Old 09-04-2006, 06:27 PM   #11
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
It looks like that does it. The numbers don't add up in the two parts of your post, but I assume that is because they are from two separate runs. The total recorded is the sum of all three chains; INPUT, OUTPUT, and FORWARD (which should be zero except on a router or firewall). If you change your iptables configuration, the perl script will have to be modified accordingly.

--- rod.
 
Old 09-04-2006, 09:03 PM   #12
JDawg06
LQ Newbie
 
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9

Original Poster
Rep: Reputation: 0
So how do I tell the difference between download and upload?

I found ntop: http://www.ntop.org/overview.html

But I have no idea how to install it.
 
Old 09-04-2006, 10:33 PM   #13
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
You can't, because that's not what you asked for. If you want a total network analyzer package, then ntop is probably the thing you want. Since you have found something you want, now is probably the time to get a primer in installing these kinds of things.
First, you want to get the package. If Ubuntu uses RPM's, look on rpmfind or pbone, and see if they have a package for your particular distribution. If yes, just download it, and install it with 'rpm -ihv' (as root, of course).
If no RPM available, download the compressed tar file from sourceforge.
These next steps apply to the vast majority of source tar-balls:
1. untar it with 'tar -zxvf ntop-blah-blah.tgz'.
2. cd ntop-blah-blah
2a - more ./INSTALL or ./README or ./Read.Me......
3. ./configure
4. make
5. make install

The configure step may point out missing dependencies, which you address by downloading and installing said dependencies (all the while becoming acquainted with the term 'dependency hell').
Welcome to the Free Open Source Software world. :-)

--- rod.
 
Old 09-04-2006, 10:59 PM   #14
JDawg06
LQ Newbie
 
Registered: Aug 2006
Distribution: Ubuntu 6.06
Posts: 9

Original Poster
Rep: Reputation: 0
Configure does prove to be troublesome.
Code:
configure: error: no acceptable C compiler found in $PATH
I tried before to get a C compiler and failed.
Which C compiler do you suggest?

Edit: The 'build-essentials' package was not installed, now to find more dependencies.

Edit: Wow...Alright, for ntop I need libpcap and for libpcap I need flex and for flex I need GNU M4 1.4. However I installed GNU M4 1.4 but flex won't install .

Edit: Went to ubuntu site for libpcap package(Supposedly tcpdump.org has trojans...I hope not), libgdbm package.

New problem, I installed gd and gd-devel and still get this message when trying to configure ntop.
Code:
*******************************************************************
*
* ERROR: gd header or library routines are missing
*           (yes means it was found, no means it was not found)
*
*              gd.h...yes
*              gdImageDestroy() in -lgd...no
*
*>>> No way to proceed.
*
*???        Install gd (and/or gd-devel), check www.boutell.com/gd
*???    and Rerun ./configure
*
*******************************************************************

Last edited by JDawg06; 09-05-2006 at 01:43 AM.
 
Old 09-05-2006, 10:13 AM   #15
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
Quote:
I tried before to get a C compiler and failed.
Which C compiler do you suggest?
The only one that should be an option is Gnu CC, aka gcc.

It sounds like you really should install the Ubuntu developer's version. The distributions that I am most acquainted with have an installation option to install a toolset for software development. That would include a host of compilers, and associated tools, libraries, etc. (like flex & M4,for instance). The good thing about going this route is that all the components will likely have been tested for compatibility, and the set should be relatively complete. Maybe these are the things in the 'build-essentials' package that you mention. If you have a fresh Linux install without too much customization done that you don't want to throw away, I suggest you do a re-install and select a complete install with everything available in the distribution. All I know about Ubuntu is that it is touted as a good system for beginners and non developers. Perhaps a different distro such as Fedora Core or Suse is worth considering.

I just did a quick look, and it seems like synaptic is the weapon of choice for installing packages in Ubuntu. If you want to install most things, using that should be your first choice.

The issue with gdImageDestroy must mean that ntop relies on a specific version of the gd lib; hopefully the most recent version. A quick scan of the Boutell.com site doesn't reveal anything about that call, and it doesn't sound like anything very unusual, so my guess is that the error you are seeing has more to do with the way in which your gd library is installed. Did you get yours from boutell.com or one of it's mirrors?

If you are concerned about trojans, I suggest installing packages obtained from large repositories such as sourceforge.net. AFAIK, trojans are rarely distibuted as source code, because it would be fairly easy to spot and remove, and any trojan-bearing code from a place like sourceforge would be quickly detectd and erradicated. A mature library like libpcap is almost certain not to contain any trojan. Good of you to be concerned about that kind of thing, though.

Hope all of this doesn't seem too scarey. Once you get the hang of it, it opens up a lot of possibilities. You'll be better off for your efforts. The progress you've already made tells me you will manage just fine.

--- rod.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
bandwidth Monitor alexr186 Linux - Networking 3 07-12-2006 11:53 PM
Bandwidth monitor hondaman Linux - Networking 3 01-02-2005 04:30 PM
Bandwidth Monitor j0ntar_2 Linux - Networking 2 12-12-2004 01:01 PM
bandwidth monitor FireAge Linux - Software 5 06-16-2004 04:56 PM
i need a bandwidth monitor ShawnD Linux - Networking 8 09-10-2002 04:02 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Desktop

All times are GMT -5. The time now is 05:38 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration