How do you count the traffic on the interface, friends ?
I have a router for a medium-size LAN. HTTP-traffic goes through the transparent proxy, logs are parsed with Sarg, so that's the way I look how much megabytes my users 'do' daily.
Now I want to get rid of proxy, just to do sNAT. But I still want to know the daily traffic of my users (even in general, not for each user).
The router is run by Slackware 12.2.
I've got 4 or 5 of these TRENDnet USB network adapters ( TU-ET100c ) that I use frequently when I'm configuring firewalls or IPS devices for customers. I use them in combination with VirtualBox to test. They've always worked great until my new laptop I just got, and I put 10.04 on it. Previously I was on 9.x. Sometimes they will give a link light, other times not. And when they do the interface shows that it's up, but I can't get any traffic across the interface.
[code]...
When setting up an alias for eth0, the interface works as expected for normal traffic, but does not receive broadcast traffic.
Host 1's setup:
Code:
Pinging host 1's normal interface from host 2 works as expected:
Code:
Pinging host 1's alias interface from host 2 works as expected:
Code:
Broadcast pinging from host 2 only gets a reply from host 1's real interface (as well as some other uninteresting devices on the network):
Code:
I have confirmed by listening on both interfaces using netcat, and broadcasting using netcat, and again only the real interface receives data.
Is this by design, or is it possible to get interface aliases to receive broadcast traffic?
Currently I have a server which runs under centOS 5.6. It is dedicated to the VoIP application of my customer.I have a problem for which I have the solution but I didn't managed to achieve it.So, let me explain you the context.Here is the networking aspects of my environment
VoIP Provider_____Gateway_____________My server
ADSL Provider____(non pingable)
x.x.x.2 <====> A.A.A.1 <======> A.A.A.3
[code]....
I'm hoping some of the Linux network experts can help me with this problem.
Situation: I have a technology which is a WebLogic JEE application that communicates to an Oracle database. Everything is installed in a single Linux virtual machine running in VirtualBox. Traffic from the JEE application goes via JDBC over TCP to the local running database. What I want to do is test a new database firewall server that wants all traffic destined for the database to flow via another virtual machine running the DB Firewall software.So therefore want I need to do is have DB traffic forced out over one interface only to return on another interface on the same VM listening on a different address.
JEE application running in WebLogic bound to 192.168.111.12 (eth1 a VirtualBox hostonly interface). Makes a request for 10.0.111.12 (eth2 a VirtualBox internal interface) which the database is listening on. Because both IPs are on local interfaces, Linux is going to handle the traffic and not route the 10.x traffic via the 192.x interface.I also have running the database firewall server which has a bridge (br0) between the HostOnly network and the Internal network.Both systems are running Oracle Enterprise Linux R5U4, which is basically the same as RedHat.What I want to do is have the request for 10.0.111.12 forced out via 192.168.111.12, bridged over the br0 connection and back into 10.0.111.12 and to the database. My networking knowledge is pretty good, but i'm stuck right now on the right way to do this. I'm pretty sure it is possible, I just need clear advice.
Reason for setup: Ideally I would build the system with the database on a separate machine so that I can easily route the traffic. Unfortunately we have many VirtualBox based demonstration systems with both the application and database installed on the same VM and therefore the amount of work to migrate these two dual VMs is going to be significant, also many of these VMs are demonstrated from laptops which have limited resources and creating a new database VM reduces overall performance. If I can create a way to force the traffic in this manner off and back onto the same VM via the other VM bridge, it would be fantastic.
I have a linux router with 2 physical ISPs and a VPN tunnel that all my traffic passes through. I would like to setup a rule to redirect all traffic from one internal IP address (10.0.0.x) through the physical link only. My current script is as follows.
iptables -F
iptables -X
echo 1 > /proc/sys/net/ipv4/ip_forward
[code]....
My goal is to do something similar to the mangle on the tor traffic, but for an entire host.
The task I am trying to complete is the virtualization of an IPv6 router created using two fedora machines. Here is the physical setup I have now...
PC1:eth0 <------> network
PC1:eth1 <------> PC2:eth0
PC1:eth2 <------> PC2:eth1
PC1 runs radvd to provide router advertisements to the network and a DHCPv6 server for stateful addresses.Each interface is configured on a separate subnet. PC2 runs a DNS server on eth0. PC2:eth1 is used as an IPv6 client for testing purposes. The connections from PC1 to PC2 are just crossover cables.I've created virtual machines of both PCs and have created 4 virtual adapters on the host machine for each of the local-only interfaces.Now I have this:
PC1:eth0 = HOST eth0
PC1:eth1 = HOST vboxnet0
PC1:eth2 = HOST vboxnet1
[code]....
I have a DELL running CentOS 5.4 with 2 active NICs, one with an external IP address (eth0) on 123.456.78.9 and another that is connected to our internal network (eth1), 192.168.2.x. When I reboot the server, everything works glowingly. External traffic is correctly routed over the external interface (eth0) and internal traffic over the internal interface (eth1). After some random amount of time, a couple of hours and sometimes a couple of days, all traffic starts getting routed over our internal network, so DNS requests fail, internet pages don't load, smtp connections fail, etc.
I'm assuming that everything that's not headed for our .1, .2 or VPN internal networks would go out the external interface. And why this works for a period of time and then stops working is beyond me. And when external traffic starts going over the internal interface, I just reboot and it starts working like it's supposed to again.
My Ubuntu Box has 3 interfaces. eth0 (Internal 192.168.1.0/24)eth1 (External ISP DHCP)eth2 (External ISP Static IP)I need the outgoing traffic to internet for 1 of the internal pc (192.168.1.10) to only go only go through eth2
View 4 Replies View RelatedI'm looking for a powerful network traffic monitor that can do all of the following (or at least a combination of tools that can do the following):
Tell me how much data was downloaded/uploaded on an interface this month and the previous month tell me how the traffic was used throughout the monthshow which internal IPs (IPs in the 192.168.1.0/24 network) used how much traffic show which ports/protocols on those IPs used all that traffic
Hhow LIVE traffic flow statistics that can tell me total speed of traffic going through an interface as well asshow which internal IPs (IPs in the 192.168.1.0/24 network) are using how much of the traffic show which ports/protocols on those IPs are using that traffic
This tool will run on a linux router through which all my internal PCs are connected to the Internet. This means the tool(s) need to work with NAT (traffic being forwarded and not necessarily destined for the interfaced being monitored).
The distribution being run doesn't have a package manager so any packages or dependencies have to be manually compiled and SCPed over file by file. For this reason, the tool/tools need to be simple (things like vnstat, not things like ntop that have their own web interface).
I know that vnstat can tell me the first bullet point so it's only there incase there's a tool out there that can do everything. If there's a tool that can only do the second or third bullet point, that's great too - I'll just keep using vnstat and look for something else to do the other task.
I need to set up my centOS computer as a firewall in my home network. Ive got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping(icmp) and DNS. How do I do this? Ive tried some editing in /etc/sysconfig/iptables but no luck.
View 1 Replies View RelatedI am running Debian Squeeze on an old pc (AMD K62-500) which serves as my multiwan router and torrent box. Internet uplink is provided via a dsl line and 2 wireless canopy modules.
Setup has been generally fine except when connecting/downloading as free user from sites like rapidshare, hotfile, filesonic, etc. The problem arises when I am connected to these sites using the wireless uplinks because of the shared public ip. I don't really download that much using direct download methods so I don't really see myself being a premium user from these sites.
If these sites are on a specific ip or ip range, an entry on the static routing table would have been fine but when I tried using ping, a different ip would appear to reply each time.
I wonder if there can be a solution like using iptables where in traffic to and from these sites will only use the NIC connected to the dsl line.
I wanted to tell my server to block all traffic but US only traffic. So i followed this guide:[URL].. Now I know, it's the best way to help prevent hackers/crackers (doesn't matter to me what they are called. I just have to stop them). My server only deals with US clients anyways so might as well just start right there for my server's security before getting into the brute force and injection preventions. So I got it all done compiled everything moved to the proper directory. I then started to setup my iptables. Like so
Code: iptables -F INPUT
iptables -F OUTPUT
iptables -I INPUT 1 -s *.*.*.* -p tcp --dport 22 -j ACCEPT
iptables -I INPUT 2 -s *.*.*.* -p tcp -j ACCEPT
[Code]...
After seeing that i went digging in the code and figured it was something todo with memory allocation.
At present I have to live with a 5Gb/month data volume limitation. Due to having to monitor this usage, I have been forced to use the software that came with the web dongle - and that means having to use Windows (spit!)
Can anyone recommend a Linux package I could download that readily shows how much data one has uploaded/downloaded over a set period?
Recently I notice that when I'm connected to an vpn server (pptpd) and I'm using it as a default gateway my download and upload speed decreases almost to the half of the usual speed. I made a test using iptables in order to count how much GRE packets are generated (except the real traffic itself) in that way:
Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.
When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than these in the FORWARD chain.
So, my question is first of all is my test correct and is it true that so much gre traffic is being generated during the browsing (it becames clear that the traffic is double than if the pptpd wasn't used as a gateway) and if yes - can that traffic be reduced?
I just had an ATT Uverse RG installed. However my Smoothwall router that previously worked fine with the ADSL SpeedStream is no longer accepting an address assignment DHCP ip address from this new gateway. (3800HGV-B)Any thoughts ideas or experience working with this hardware? ATT only supports Windows and Mac
View 2 Replies View RelatedI have a ppp0 entry with post-up options like this
mapping ppp0
map none photon-plus motorola
map timeout: 12
[code]...
We have something on our network that is reaking havoc with our content filter. I am trying to track it down, but so far I have been unsuccessful. We have approximately 500 devices in 100+ different locations spread across 9 states. Looking at each computer is not really feasible.
I need a machine that can sit in between our network and our internet connection and graphically monitor in real time and logs how much traffic each device is sending and receiving. It would need to sit inline so it has to have two nics and be able to pass traffic. The machine also needs to be transparent. Reconfiguration of our routers or workstations is not an option.
I have used ethereal and wireshark before. Ethereal may be a viable option, but wireshark seems to provide lots of information, but no practical way to make use of it. how to set up the box to be a transparent device on the network that will allow internet bound traffic to flow (freely)?
I am loading variables for cXtXdXsX disk names into a script, and at present I have only accounted for there being 3 characters from c to t. I need to change it to a variable recognition so that it can count any number of charcters such as c1t , c10t , or c100t.
I can then take that information and use it with the following string to strip off the lead characters so as to make the 3 in $substr either a variable or redirect to multiple occurrences of raw based on the count returned.
sub raw {
$substr = substr ($_, 3);
$raw1 = substr ($substr, 0, -4);
$raw = lc($raw1);
}
how to count from the c to the t inclusive so I get 3, 4, 5, etc ...
Can one do something like ls|wc on a ftp-server? The ftp command set does not include wc.
I have uploaded lot's of stuff to a net drive and I would like to check the completeness of the files uploaded without counting them by hand.
I would like to write a shell script that displays the number of days, hours and seconds left until a certain date and time. What commands would I use?
View 6 Replies View RelatedI have done some searching around the internet and this site, but I haven't found a good way to count the context switches on a thread in a c++ program I am running. I need to know if it get swapped off of a CPU for correct timing.
View 4 Replies View RelatedIf I read in variables entered by the user, how can I check to make sure the correct number of variables were entered? For example, after reading in a data file and making it into an array, I have:echo "To check the data, enter the first element number, last element number and step size as x y z:"read x y z.It then goes on to start a loop, but what I would like now (before the loop) is a check to see if three variables have been entered, before the rest of the script continues.
I've tried specifying the variables as $1, $2 and $3, but if I echo $#, the value comes out as zero, so it's obviously not working.
how do i count the total number of cfiles in the project.My project is on a solaris machine what is the command that I have to run to know the total count of cfiles in the .pj folder.
View 1 Replies View RelatedI want to compare zone file counting and same name, not records etc of master and slave dns server so that i sure both server contains same copy of the files at a time. Any utility to compare such files in linux?
View 5 Replies View RelatedIs there a way I can count inbound/outbound mails for a particular user? I'm using sendmail as MTA and dovecot for POP3.
View 1 Replies View RelatedI am trying to find the word count of a specific word in a collection of documents, in Linux.
I have tried with grep and ack-grep in combination with wc but I can't seem to come up with a valid combination of pipes :)
I just wrote an html file, but somewhere on the write I lost count of the paragraphs.
In an html file paragaphs starts with <p> and ends with </p>
What I want to know is how to find the valid paragraph.
I used grep '<p>' file_name | grep -wc '</p>' . I dont know if this works.
Is there a way to count the number of errors- an exit variable $? from one function?
The output from the exit variable (either erroneous or correct (1) or (0)) is it possible to add the erroneous one ups?
So this is my code:
Code:
Modification of code I found here. It works, but I don't really know why.
Q1: Why is each filter hit counted only when the conditional is not true?
Q2: I've tried taking the file type, (.old), and put it into a variable for better usability, but then the script fails.