Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
05-01-2014, 11:34 AM
|
#1
|
Member
Registered: Sep 2009
Posts: 46
Rep:
|
Network monitoring. Best way?
I have 5 locations, and at each one my network topography is this:
['teh interwebz']/[vpn] <- [vpn router] <- [switch] <- [host pc's running win]
I want to insert a ubuntu box in the middle running squid to monitor user activity. Not sure how to go about this though, especially with the VPN and router I use.
Can anyone help? Perhaps point me in the right direction? Tell me of a good beer they've tried?
thanks!
|
|
|
05-01-2014, 12:40 PM
|
#2
|
Senior Member
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: Fedora
Posts: 4,233
|
I have a CentOS box running OpenVPN in place of your router on my home network. It also runs IPTables firewall rules, dynamic DNS client and some other services. I've seen similar setups running squid.
As for beer, if you like hoppy beers try Jack's Abby - Hoponious Union.
|
|
1 members found this post helpful.
|
05-01-2014, 07:25 PM
|
#3
|
Member
Registered: Sep 2009
Posts: 46
Original Poster
Rep:
|
I'd rather not replace my routers, due to the fact that A) thats 5 of them I've got to replace (im lazy), and B) I haven't been able to get openvpn to play well with netgear. Any other way? any way I can just chuck a second nic card into a box and have iptables pass the data from one card to the next and logging it along the way?
Love hoppy beers. I'll check that out next time I'm at bevmo!
|
|
|
05-02-2014, 10:31 AM
|
#4
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,336
|
Quote:
Originally Posted by rubberducky
I have 5 locations, and at each one my network topography is this:
['teh interwebz']/[vpn] <- [vpn router] <- [switch] <- [host pc's running win]
I want to insert a ubuntu box in the middle running squid to monitor user activity. Not sure how to go about this though, especially with the VPN and router I use. Can anyone help? Perhaps point me in the right direction?
|
If all 5 locations are being sent to one central location before going to the Internet, then put your squid/monitor server in place between the VPN and Internet. However, if all five of your locations have separate Internet connections, you could put a squid box at each site, and configure Sarg to run reports on each of them.
This assumes that by 'network monitoring', you just mean web-traffic monitoring. If you're talking about traffic and bandwidth statistics, that's a different thing, and Squid isn't much use for that at all. That's more a job for MRTG and SNMP on the routers.
Quote:
Tell me of a good beer they've tried?
|
Well..we've got six breweries here in town...and several more within an easy drive, but those are just local brews. Unless you live near Alabama, your chances of getting them are slim...they can hardly keep up with demand for our state, much less ship.
That said, and given that you like hoppy beers, my current all-time favorite is from Brash brewing (Mass., I believe), "The Bollocks" Imperial IPA. Awesome.
|
|
2 members found this post helpful.
|
05-02-2014, 11:42 PM
|
#5
|
Member
Registered: Sep 2009
Posts: 46
Original Poster
Rep:
|
Quote:
This assumes that by 'network monitoring', you just mean web-traffic monitoring. If you're talking about traffic and bandwidth statistics, that's a different thing, and Squid isn't much use for that at all. That's more a job for MRTG and SNMP on the routers.
|
The routers needed for that are above my budget. However I do have a bunch of nic cards floating around with some extra old PC's. What can I do with those?
Quote:
That said, and given that you like hoppy beers, my current all-time favorite is from Brash brewing (Mass., I believe), "The Bollocks" Imperial IPA. Awesome.
|
Ah IPA. Gotta love firestone. Or, should you be on a budget, like myself, you can pick up some 3rd shift. Good quality IPA for cheap
|
|
|
05-03-2014, 12:02 PM
|
#6
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,336
|
Quote:
Originally Posted by rubberducky
The routers needed for that are above my budget. However I do have a bunch of nic cards floating around with some extra old PC's. What can I do with those?
|
You can pretty much monitor ANY router with SNMP. You should just have to enable SNMP, set your community strings, and that's it. Have you checked the manual on your routers? And ARE you trying to monitor bandwidth/usage, or just HTTP?? You haven't said, nor have you said if all 5 locations are running through one central location out to the Internet, or if you have five separate connections.
There are many tutorials on how to configure a Linux system as a router, depending on your version/distro of Linux, but all that's really going to get you is what you already probably have: a router you can query via SNMP.
Quote:
Ah IPA. Gotta love firestone. Or, should you be on a budget, like myself, you can pick up some 3rd shift. Good quality IPA for cheap
|
We have two here in town that can. Good People cans both their IPA and double-IPA, and Avondale brewing does theirs as well. Cheaper than 3rd shift, too.
|
|
1 members found this post helpful.
|
05-03-2014, 02:46 PM
|
#7
|
Member
Registered: Sep 2009
Posts: 46
Original Poster
Rep:
|
Quote:
You can pretty much monitor ANY router with SNMP. You should just have to enable SNMP, set your community strings, and that's it. Have you checked the manual on your routers?
|
Ah ha, you sir are awesome. This is the first time I've tried to use this. Last time I had an ubuntu gateway/firewall/monitor so this time I'll try this.
Quote:
And ARE you trying to monitor bandwidth/usage, or just HTTP?? You haven't said, nor have you said if all 5 locations are running through one central location out to the Internet, or if you have five separate connections.
|
Trying to monitor web usage. Trying to differentiate between those who use facebook all day, and those who check it on their lunch break, and those who are downloading porn. Also, all use separate internet connections.
Quote:
We have two here in town that can. Good People cans both their IPA and double-IPA, and Avondale brewing does theirs as well. Cheaper than 3rd shift, too.
|
I. Love. This. Website. The only site I know where you can have a serious conversation regarding networking, right before talking about beer.
|
|
|
05-03-2014, 03:49 PM
|
#8
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,336
|
Quote:
Originally Posted by rubberducky
Ah ha, you sir are awesome. This is the first time I've tried to use this. Last time I had an ubuntu gateway/firewall/monitor so this time I'll try this.
Trying to monitor web usage. Trying to differentiate between those who use facebook all day, and those who check it on their lunch break, and those who are downloading porn. Also, all use separate internet connections.
|
Ahh...so if it's web usage only, then never mind about SNMP and MRTG. While that WILL give you stats, it won't tell you what sites are being visited. Squid is the way to go, along with Sarg (for reporting), and dansguardian (for filtering). Shove a single box between your Internet connection and your internal network, and proxy your HTTP traffic through it.
That said, you are opening an can of worms. Squid does http...NOT https, ftp, ssh, or any other protocol. Bittorrent either...if you have concerns about ANY of that, you're going to rapidly stray into a complex area.
Quote:
I. Love. This. Website. The only site I know where you can have a serious conversation regarding networking, right before talking about beer.
|
They (FINALLY) changed the ridiculous beer laws in Alabama a few years back. Now, the brewing industry brings $3 BILLION a year into the state, and we've got at least 15 breweries I can think of...six in Birmingham alone. And one of the top 25 beer bars in the US.
If anything can make you want beer, babysitting users on a network will.
|
|
|
All times are GMT -5. The time now is 05:43 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|