Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )



Advanced DNS Management
New ZoneEdit. New Managment.

FREE DNS Is Back

Sign Up Now
 
Reply to this topicStart new topic
> Kernel Ip Accouting
Robert83
post Oct 28 2004, 07:56 AM
Post #1


Its GNU/Linuxhelp.net
*******

Group: Support Specialist
Posts: 1,439
Joined: 3-January 04
From: Germany
Member No.: 2,069



Hello,

I've found this awesome SITA simple ip trffic accouting thingie...but it needs accouting enabled in the kernel...mine doesn't have (whitebox linux 3.0 latest)

I've downloaded the kernel-unsupported package

but what do I need to modprobe in order to get kernel ip accouting working ...

someone please help me

Sincerly
Robert B


--------------------
Robert Becskei
robert83@linuxhelp.net
--------------------
May the source be with us!
--------------------
AMD X2-3800 @ 2400Mhz
2048MB DDR 400Mhz
DFI Lanparty UT4 NF4 ULTRA-D
GeForce 7800GT
250GB+250GB
Pioneer DVD-RW
17inch Samsung Syncmaster 757NF
WinXP Pro (SP2)/ CentOS 4.3
--------------------
Go to the top of the page
 
+Quote Post
hughesjr
post Oct 29 2004, 06:56 AM
Post #2


Its GNU/Linuxhelp.net
*******

Group: Admin
Posts: 3,433
Joined: 25-July 03
From: Corpus Chrsiti, TX, USA
Member No.: 1,151



I have downloaded the SITA product (from here), but haven't installed it yet ... what tells you that kernel accounting isn't on (or references kernel accounting)? I don't see anything about it in the manual.

The only thing I see in the kernel config file is called BSD Process Accounting in the (General section of the make menuconfig). That is turned on by default...


--------------------
Johnny Hughes
hughesjr@linuxhelp.net
Enterprise Alternatives: CentOS, WhiteBoxEL
Favorite Workstation Distros (in order): CentOS, Gentoo, Debian Sarge, Ubuntu, Mandrake, FedoraCore, Slackware, SUSE
Favorite Server Distros (in order): CentOS, WhiteBoxEL, Debian Sarge, Slackware, Mandrake, FedoraCore, Gentoo, SUSE
Go to the top of the page
 
+Quote Post
Robert83
post Nov 1 2004, 03:11 AM
Post #3


Its GNU/Linuxhelp.net
*******

Group: Support Specialist
Posts: 1,439
Joined: 3-January 04
From: Germany
Member No.: 2,069



Hi,

it's working now, but for some reason it aint working ok.

as you know I've got 3 subnets 192.168.0.x 192.168.1.x 192.168.2.x (and SITA manual says this is ok with them), I connect to the NAT/Proxy Server (SITA IS INSTALLED HERE) and the nat/proxy server connects to the firewall.

basiacly


client 1 (192.168.1.250) ---> eth1 (NAT/Proxy) eth3--->eth0 FIREWALL eth1 --> INTERNET

I've setup eth3 and 192.168.10.2 in the SITA webconfig (this is the interface that is used for outgoing traffic (to the firewall...then to the internet) but for some reason SITA count upload for client 1 and download for the proxy server itself 192.168.10.2 , can anyone tell me why is this happening to me, what is wrong with this config?

do I need to put another server for just accouting before my NAT/Proxy server, and how should this look like ?

Sincerely
Robert B


--------------------
Robert Becskei
robert83@linuxhelp.net
--------------------
May the source be with us!
--------------------
AMD X2-3800 @ 2400Mhz
2048MB DDR 400Mhz
DFI Lanparty UT4 NF4 ULTRA-D
GeForce 7800GT
250GB+250GB
Pioneer DVD-RW
17inch Samsung Syncmaster 757NF
WinXP Pro (SP2)/ CentOS 4.3
--------------------
Go to the top of the page
 
+Quote Post
hughesjr
post Nov 1 2004, 07:21 AM
Post #4


Its GNU/Linuxhelp.net
*******

Group: Admin
Posts: 3,433
Joined: 25-July 03
From: Corpus Chrsiti, TX, USA
Member No.: 1,151



When you use a proxy server, the output of the proxy contains the IP of the proxy server, not the client ... which is why you can block all port 80 and 443 out (except from the proxy server) and force people to have to use the proxy server to surf the web.

So, if you want to measure web traffic of individual clients, you would need to measure it before (or maybe at) the proxy server.


--------------------
Johnny Hughes
hughesjr@linuxhelp.net
Enterprise Alternatives: CentOS, WhiteBoxEL
Favorite Workstation Distros (in order): CentOS, Gentoo, Debian Sarge, Ubuntu, Mandrake, FedoraCore, Slackware, SUSE
Favorite Server Distros (in order): CentOS, WhiteBoxEL, Debian Sarge, Slackware, Mandrake, FedoraCore, Gentoo, SUSE
Go to the top of the page
 
+Quote Post
Robert83
post Nov 1 2004, 10:24 AM
Post #5


Its GNU/Linuxhelp.net
*******

Group: Support Specialist
Posts: 1,439
Joined: 3-January 04
From: Germany
Member No.: 2,069



Hi,

thanx for the reply , I just did that and its causing problems, eth0 eth1 eth2 is for the three subnets and eth3 is connected to the firewall (I'm talking about the NAT/Proxy Server)...

so I will try now the following setup SITA to listen on eth1 and to 192.168.1.250 as the output interface...maybe that will work ok for atleast subnet 192.168.1.x;

and after that don't know how...but it would be great to solve this stuff on one computer...(I'll compare the price and the risk factor...)

Sincerely
Robert B


--------------------
Robert Becskei
robert83@linuxhelp.net
--------------------
May the source be with us!
--------------------
AMD X2-3800 @ 2400Mhz
2048MB DDR 400Mhz
DFI Lanparty UT4 NF4 ULTRA-D
GeForce 7800GT
250GB+250GB
Pioneer DVD-RW
17inch Samsung Syncmaster 757NF
WinXP Pro (SP2)/ CentOS 4.3
--------------------
Go to the top of the page
 
+Quote Post
Robert83
post Nov 1 2004, 10:55 AM
Post #6


Its GNU/Linuxhelp.net
*******

Group: Support Specialist
Posts: 1,439
Joined: 3-January 04
From: Germany
Member No.: 2,069



Hi,

well I'm not suprised that it aint working (why would it ? smile.gif ) , so ummm... question :

I need another 2 computers to be able to measure the traffic for all three subnets.

like this :

---------------------------------PC1---------------------------------------------------
192.168.0.x ---> eth0 (192.168.0.248) router SITA installed here eth1 (192.168.0.249) --> 192.168.0.250 eth0 NAT/Proxy Server ---> eth3 ---> Firewall ... Internet
192.168.1.x ---> eth2 (192.168.1.248) router SITA installed here eth3 (192.168.1.249) --> 192.168.1.250 eth1 NAT/Proxy Server ---> eth3 ---> Firewall ... Internet

----------------------------------------------------------------------------------------

---------------------------------PC2---------------------------------------------------
192.168.2.x ---> eth0 (192.168.2.248) router SITA installed here eth1 (192.168.2.249) --> 192.168.2.250 eth2 NAT/Proxy Server ---> eth3 ---> Firewall ... Internet
----------------------------------------------------------------------------------------

good :
1. it's impossible to cheat in this scenario (right?, since the proxy server [internet] is not accessable directly...it can be only accessed via the router)

bad :
2. I need two computers (300mhz sorta thingie with 128MB ram...and 3.2GB hdd)

If anyone has some ideas about this please do tell me , I hope that by seeing the above configurations for pc1 and pc2 you can see how my network looks like (the internet gateway part)


Sincerely
Robert B


--------------------
Robert Becskei
robert83@linuxhelp.net
--------------------
May the source be with us!
--------------------
AMD X2-3800 @ 2400Mhz
2048MB DDR 400Mhz
DFI Lanparty UT4 NF4 ULTRA-D
GeForce 7800GT
250GB+250GB
Pioneer DVD-RW
17inch Samsung Syncmaster 757NF
WinXP Pro (SP2)/ CentOS 4.3
--------------------
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 12th December 2017 - 04:38 PM