tcp port traffic graph

Taking care of your Linux box.

tcp port traffic graph

Postby newbie » Sun Dec 21, 2003 4:47 am

salam

how are u all!

i want to know is there any way to view a specific port traffic graph using mrtg or rrdtools.
like i want to see all the ftp traffic coming to ftp server.

thanks for reading.
newbie
Company Havaldaar Major
 
Posts: 156
Joined: Thu Aug 08, 2002 4:18 am
WLM: usman_fool@hotmail.com
Location: lahore

Re: tcp port traffic graph

Postby lambda » Mon Dec 22, 2003 12:08 am

you need a way to measure traffic, and report it in a format that mrtg (or rrdtools -- the better option) can use. some ftp servers write out a transfer log; you might want to try and massage that into a format you can use with rrdtools.

for my work sites, i use iptraf to log traffic. i set it up to watch http and smtp traffic (the big ones at work), and to log that to a file. i wrote a script that parses the output of iptraf, and runs rrdtool/rrdgraph.

it is a major hack, given that i have to start my script, start iptraf and have it run for 300 seconds, make my script sleep until iptraf ends, do the rrd ops, repeat. it does work, though, and flawlessly.
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby farhantoqeer » Mon Dec 22, 2003 10:05 am

I dont know about this software much, but it sounds nice by its documents check out http://www.nagios.org/
A: Yes
Q: Is top-posting bad?
farhantoqeer
Major General
 
Posts: 917
Joined: Thu Jun 27, 2002 5:45 pm
Website: http://www.emergen.biz
Location: Karachi

Postby newbie » Tue Dec 23, 2003 1:21 am

thanks very much for ur replies.

lambda i think iptraf is the only easiest way to do this.There was a link at RRDtools site which explains how to use iptraf for rrdtools. but that link is now not working so please send me any doc if u have about it.

farhantoqeer i checked the screenshots of that software and it looks like something else. like its made to view the activity and uptimes of hosts.
newbie
Company Havaldaar Major
 
Posts: 156
Joined: Thu Aug 08, 2002 4:18 am
WLM: usman_fool@hotmail.com
Location: lahore

Re:

Postby LinuxFreaK » Fri Dec 26, 2003 8:12 am

Dear Newbie,
Salam,

nTop Might Help you :)

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby newbie » Sat Dec 27, 2003 2:48 am

thanks i have tried that.
exactly not the thing i am looking for but not bad.
newbie
Company Havaldaar Major
 
Posts: 156
Joined: Thu Aug 08, 2002 4:18 am
WLM: usman_fool@hotmail.com
Location: lahore

Postby lambda » Sat Dec 27, 2003 2:18 pm

install iptraf, configure it with the filter you want. i run iptraf in a perl script like this:

Code: Select all

#!/usr/bin/perl -w

use strict;

my $t;

while (1) {
  $t = time();
  system("iptraf -s eth0 -t 5 -L Log.$t -B");
  system("parse-log.pl /var/log/iptraf/Log.$t &");
 sleep(302);
}


exit(0);


this starts off iptraf. it runs for five minutes, then exits, writing out the log file.
the parse-log script sleeps for 5 minutes, then parses the log file.
and then this script repeats.

(i told you it was a hack)

i have iptraf to count smtp and http traffic, so my parse-log.pl script is:

Code: Select all

#!/usr/bin/perl -w

use bytes;
use strict;
use lib qw(/usr/local/rrdtool-1.0.45/lib/perl);
use RRDs;

my $fname = $ARGV[0];
my $httpkbits = 0;
my $smtpkbits = 0;
my $line;

my $tmp;
my $now;

($tmp, $now) = split(/\./, $fname);

# rrd file
my $traffic_rrd = "/var/db/rrd/traffic-web1.rrd";

# graphs we create
my $traffic_graph_h = "/web/naseeb/traffic-w1-hour.png";
my $traffic_graph_d = "/web/naseeb/traffic-w1-day.png";
my $traffic_graph_w = "/web/naseeb/traffic-w1-week.png";
my $traffic_graph_m = "/web/naseeb/traffic-w1-month.png";

sleep(302);

# parse log file for http/smtp traffic
open(L, "< $fname") or die "can't open $fname";
while (<L>) {
  chomp;
  $line = $_;
  if ($line =~ /^TCP\/80:.*, ([.\d]+) kbits\/s$/) {
    $httpkbits = $1;
  } elsif ($line =~ /^TCP\/25:.*, ([.\d]+) kbits\/s$/) {
    $smtpkbits = $1;
  }
}
close(L);

# insert data into the rrd file
RRDs::update($traffic_rrd, "$now:$httpkbits:$smtpkbits");

# graph the data
RRDs::graph("$traffic_graph_h", "--title", "Web1 Traffic", "-r",
            "--start", "now-2h", "--end", "now",
            "DEF:http=$traffic_rrd:http:AVERAGE",
            "DEF:smtp=$traffic_rrd:smtp:AVERAGE",
            "AREA:http#00FF00:http",
            "GPRINT:http:MAX:Max\\: %lg",
            "GPRINT:http:AVERAGE:Avg\\: %lg",
            "GPRINT:http:MIN:Min\\: %lg",
            "GPRINT:http:LAST:Cur\\: %lg",
            "COMMENT:\\s",
            "COMMENT:\\s",
            "STACK:smtp#0000FF:smtp",
            "GPRINT:smtp:MAX:Max\\: %lg",
            "GPRINT:smtp:AVERAGE:Avg\\: %lg",
            "GPRINT:smtp:MIN:Min\\: %lg",
            "GPRINT:smtp:LAST:Cur\\: %lg");

RRDs::graph("$traffic_graph_d", "--title", "Web1 Traffic", "-r",
            "--start", "now-25h", "--end", "now",
            "DEF:http=$traffic_rrd:http:AVERAGE",
            "DEF:smtp=$traffic_rrd:smtp:AVERAGE",
            "AREA:http#00FF00:http",
            "GPRINT:http:MAX:Max\\: %lg",
            "GPRINT:http:AVERAGE:Avg\\: %lg",
            "GPRINT:http:MIN:Min\\: %lg",
            "GPRINT:http:LAST:Cur\\: %lg",
            "COMMENT:\\s",
            "COMMENT:\\s",
            "STACK:smtp#0000FF:smtp",
            "GPRINT:smtp:MAX:Max\\: %lg",
            "GPRINT:smtp:AVERAGE:Avg\\: %lg",
            "GPRINT:smtp:MIN:Min\\: %lg",
            "GPRINT:smtp:LAST:Cur\\: %lg");

RRDs::graph("$traffic_graph_w", "--title", "Web1 Traffic", "-r",

            "--start", "now-192h", "--end", "now",
            "DEF:http=$traffic_rrd:http:AVERAGE",
            "DEF:smtp=$traffic_rrd:smtp:AVERAGE",
            "AREA:http#00FF00:http",
            "GPRINT:http:MAX:Max\\: %lg",
            "GPRINT:http:AVERAGE:Avg\\: %lg",
            "GPRINT:http:MIN:Min\\: %lg",
            "GPRINT:http:LAST:Cur\\: %lg",
            "COMMENT:\\s",
            "COMMENT:\\s",
            "STACK:smtp#0000FF:smtp",
            "GPRINT:smtp:MAX:Max\\: %lg",
            "GPRINT:smtp:AVERAGE:Avg\\: %lg",
            "GPRINT:smtp:MIN:Min\\: %lg",
            "GPRINT:smtp:LAST:Cur\\: %lg");

RRDs::graph("$traffic_graph_m", "--title", "Web1 Traffic", "-r",
            "--start", "now-840h", "--end", "now",
            "DEF:http=$traffic_rrd:http:AVERAGE",
            "DEF:smtp=$traffic_rrd:smtp:AVERAGE",
            "AREA:http#00FF00:http",
            "GPRINT:http:MAX:Max\\: %lg",
            "GPRINT:http:AVERAGE:Avg\\: %lg",
            "GPRINT:http:MIN:Min\\: %lg",
            "GPRINT:http:LAST:Cur\\: %lg",
            "COMMENT:\\s",
            "COMMENT:\\s",
            "STACK:smtp#0000FF:smtp",
            "GPRINT:smtp:MAX:Max\\: %lg",
            "GPRINT:smtp:AVERAGE:Avg\\: %lg",
            "GPRINT:smtp:MIN:Min\\: %lg",
            "GPRINT:smtp:LAST:Cur\\: %lg");

exit(0);
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby newbie » Sun Dec 28, 2003 1:44 am

thanks a lot mr lambda for sharing.

unix + Perl rocks.
newbie
Company Havaldaar Major
 
Posts: 156
Joined: Thu Aug 08, 2002 4:18 am
WLM: usman_fool@hotmail.com
Location: lahore


Return to “%s” Administration

Who is online

Users browsing this forum: No registered users and 1 guest

cron