I have been assigned a job to track down the internet usage of the complete office. Currently we have CentOS Server 4.3 on an Intel P4 Dual Core processor with 1 GB RAM running as the Internet gateway server for my office.
Also we are tracking web access through HTTP requests using Squid and blocking unwanted traffic using SquidGuard. But I wonder if Squid is capable of tracking all outgoing and incoming requests?
I.e. we are a web development company and a lot of us do FTP, SSH, Windows desktop sharing, newsgroups, email, etc. Now we want the same functionality that Squid and SquidGuard provide for HTTP requests.
Please suggest a way and software (open source preferred, paid software works too if it doesn't cost too much).
Hrm, on the paid side I would say Secure Computing's SmartFilter, but they don't support CentOS, only RHEL. I tried to demo their software using CentOS and they refused to help me get it working, so I guess that is out.
The iptables-log tells you everything, which packet from which address and which ports comes and goes.
The good thing is the bad thing: you get a LOT of information!
First you have to configure iptables; there are many threads in the Network forum here!
Usually the log information goes into a logfile. I've read (not tested so far) that you can reroute the log information into a MySQL database, which would then make the reporting easier.
What you don't see (afaik) in the iptable-logs is:
URLs (Domain names),
Content of the packages
Size of the packages
If you need this kind of information, you probably need a Netsniffer (Ethereal for example).
It might be that there is software available out there which combines all this together and helps you identify who consumes your bandwidth. I am not aware of that, sorry.
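Added example (not part of the original posts): a small Python parser for the iptables log lines the reply above describes, tallying logged packets per internal host, protocol and destination port so that FTP, SSH or remote desktop use shows up next to the Squid reports. The `FWD: ` log prefix, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in the kernel's iptables LOG format. The "FWD: "
# prefix is an assumption: it is whatever --log-prefix the LOG rule sets.
SAMPLE_LOG = """\
Jan 12 10:15:01 gw kernel: FWD: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.10 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4211 DF PROTO=TCP SPT=51514 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 12 10:15:07 gw kernel: FWD: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.10 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4290 DF PROTO=TCP SPT=51520 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 12 10:15:09 gw sshd[2211]: Accepted publickey for admin from 192.168.1.5 port 40022 ssh2
Jan 12 10:16:30 gw kernel: FWD: IN=eth1 OUT=eth0 SRC=192.168.1.40 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=911 DF PROTO=TCP SPT=40112 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 12 10:17:02 gw kernel: FWD: IN=eth1 OUT=eth0 SRC=192.168.1.41 DST=198.51.100.9 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=7003 DF PROTO=TCP SPT=1433 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 12 10:17:40 gw kernel: FWD: IN=eth1 OUT=eth0 SRC=192.168.1.40 DST=198.51.100.7 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=2048 SEQ=1
"""

# LOG lines are space-separated KEY=value pairs; bare flags (DF, SYN) have no "=".
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_line(line, prefix="FWD: "):
    """Return the KEY=value fields of one LOG line, or None for other log lines."""
    _, found, rest = line.partition(prefix)
    if not found:
        return None
    fields = dict(FIELD.findall(rest))
    if "SRC" not in fields or "PROTO" not in fields:
        return None
    return fields

def usage_by_host(lines, prefix="FWD: "):
    """Count logged packets per (source IP, protocol, destination port)."""
    counts = Counter()
    for line in lines:
        fields = parse_line(line, prefix)
        if fields is None:
            continue
        # ICMP and other portless protocols carry no DPT field.
        counts[(fields["SRC"], fields["PROTO"], fields.get("DPT", "-"))] += 1
    return counts

def report(counts):
    """Format the tally as text rows, busiest first."""
    return [f"{src:<15} {proto:<5} {dport:>5} {n:>5}"
            for (src, proto, dport), n in counts.most_common()]

if __name__ == "__main__":
    print("\n".join(report(usage_by_host(SAMPLE_LOG.splitlines()))))
```

If the LOG rule only matches packets that open a connection, each row is a connection count rather than a raw packet count.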
That's what Sawmill is for. If you look at Sawmill, it's designed to parse log files like mad and generate reports for you. It can also resolve those IP addresses into URLs when it reports. Very powerful tool, and one that is worth the money they charge for it (or you can get it for free by doing testing and reporting on it, see their website for details). Also amazing is the number and types of different log files it supports, so Sawmill should work well with the iptables log.