[TriLUG] help with mrtg
    Aaron S. Joyner 
    aaron at joyner.ws
       
    Sat Mar 20 09:04:24 EST 2004
    
    
  
>
>
>How to "turn on" SNMP so that my machine logs traffic statistics (please
>correct my jargon
>
In your situation, with some simple shell scripts and a bit of know-how, 
you can bypass the SNMP problem all together.  MRTG is great for 
graphing traffic on router interfaces, temperature, cpu usage, memory 
usage, etc - but if you're only doing local monitoring SNMP is 
unnecessary overhead. 
A few prerequisites which I'm going to assume you can handle so as not 
to make this email longer than it has to be:
1) You can configure iptables to monitor the traffic with a simple 
ACCEPT rule, which will count all packets it touches.
2) You can configure apache to share out a single directory and know how 
to then access that directory with a web browser (or you can depend on 
the preconfigured setup that it sounds like came with your RedHat 
distribution).
Just as a cursory mention, for your situation, basic iptables rules like 
this would suffice:
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -j ACCEPT
(although it's helpful to define source or destination in one of them, 
so that you can match them separately in the grep's below)
If I've over-assumed on any of those, feel free to make another post to 
the list and we'll get you squared away.  Don't mind laying those out, 
just wanted to try to simplify.
I recently had reason to do this, and found the available scripts from 
the contrib directory to be a bit... "lacking".  They were actually all 
overly complex, I just wanted a quick hack to monitor 1 input and one 
output rule, which would be associated with the traffic from a linux 
Desert Combat game server.  Add in a few entries to your mrtg.cfg file 
("locate mrtg.cfg" if you're not sure where) to describe your 
interfaces, and you're good to go!
Let's start off with the entries you'll need in the mrtg.cfg:
# /etc/mrtg.cfg
# Global MRTG Options
WorkDir: /home/mrtg
Options[_]: growright,bits
# Note: these are only suggestions - /home/mrtg is probably already
# defined in your distro-provided cfg file, and is also probably already
# shared with apache - if so, use that, to save you a few steps.
# Target specific options
Target[gameserver]: `/path/to/shell-script.sh`
Title[gameserver]: Traffic Analysis for Your Server
PageTop[gameserver]: <H1>Traffic Analysis for the traffic on Your 
Server</H1>
 <TABLE>
   <TR><TD>System:</TD><TD>name.example.org</TD></TR>
   <TR><TD>Maintainer:</TD><TD><a href=mailto:aaron at joyner.ws>Aaron S. 
Joyner</a></TD></TR>
   <TR><TD>Interface:</TD><TD>100Mbit Ethernet (UTP)</TD></TR>
   <TR><TD>IP:</TD><TD>192.168.0.1</TD></TR>
   <TR><TD>Max Speed:</TD>
       <TD>12,500 kBytes/s</TD></TR>
  </TABLE>
PageFoot[gameserver]: <HR size=2 noshade>This page was templated by 
Aaron Joyner
MaxBytes[gameserver]: 12500000
WithPeak[gameserver]: ym
Okay, there's your basic mrtg.cfg -- some options will need adjusting to 
suit your network, such as the MaxBytes which will be tweaked to specify 
the max bandwidth of the connection your monitoring.  The
entry is in bytes, not bits -- so if you're using a 1.5MBit DSL you'd 
enter something like 187500 (1500000 bits / 8 bits per byte).  For a 
3MBit cable modem, correspondingly twice that (375000).  The example I 
provided above is for 100MBit ethernet (i.e. monitoring the inside lan 
interface of that connection).  Now you might notice that instead of 
including an SNMP OID and IP address for our target, we've put in a path 
to a script inside backticks.  Let's see what that's all about...
In order to return data to MRTG, your script needs to provide 4 lines of 
output, with 4 predefined values.  The values are in order (paraphrased 
from the MRTG config reference):
The current state of the first variable, normally 'incoming bytes count'
The current state of the second variable, normally 'outgoing bytes count'
A string (in any human readable format), telling the uptime of the target.
A string, telling the name of the target.
So we throw together a simple shell script to dump that output:
#!/bin/bash
# Original Author: Aaron S. Joyner <aaron at joyner.ws>
# This script is here by released under the GPL v2.0
# Please see http://www.gnu.org/copyleft/gpl.html for complete details
# These are the commands which get called, to return the output of our rules
# Note that the regular expression to match your rule is the '' block 
following grep.
INPUT=`iptables -L -v -x | grep 'dpt:14567' | sed -e 's/^ *[0-9]* 
*\([0-9]*\).*/\1/'`
OUTPUT=`iptables -L -v -x | grep 'spt:14567' | sed -e 's/^ *[0-9]* 
*\([0-9]*\).*/\1/'`
# (handle the case of input and output being 0, instead of empty)
if [ "${INPUT}x" == "x" ]; then
  echo "0"
else
  echo $INPUT
fi
if [ "${OUTPUT}x" == "x" ]; then
  echo "0"
else
  echo $OUTPUT
fi
# Print out the remaining two lines which are needed for MRTG
uptime | sed -e 's/.*up \(.*\),.*users,.*/\1/'
hostname -f
That's it -- pretty simple, eh?  At which point, with a little care and 
feeding (and apache configuration which is beyond the scope of this 
email - just share the MRTG WorkDir), you have a running MRTG server 
which can monitor just about anything you can provide values for from a 
shell script!  :)
Hope this helps,
Aaron Joyner
Brian A. Henning wrote:
>Hi Everyone,
>  I just noticed, while staring idly at the output of top, that mrtg
>occasionally chews up a chunk of processor time.  Having dealt with certain
>ISP's mrtg, I thought, "Hey, I know what mrtg is!" and set about trying to
>find out how to view its statistics.
>
>Egad.
>
>Okay, so I am a complete newb in terms of SNMP and its related, um, things..
>(Case in point?)  I tried looking through the mrtg config details, and made
>no sense of it.  About the only thing I could figure out by examining the
>mrtg-related files on my system is that it's not configured to actually *do*
>anything.
>
>Problem is, I have no idea what to tell it to do, nor what to tell it to do
>it do.  It looks like mrtg queries data from SNMP-enabled routing hardware.
>Well, I don't have any standalone routing hardware; the same linux box
>handles the little bit of NATting/routing I need.  Here's what I'd like to
>know, if there is someone patient enough to point me through it:
>
>- How to "turn on" SNMP so that my machine logs traffic statistics (please
>correct my jargon; as mentioned, I really don't know much of what I'm
>talking about here).  Here's some potentially useful information about my
>setup (RH7.3, kernel 2.4.20-20.7):
>  - I'm routing / NATting with iptables.
>  - tc is doing some minor bandwidth limiting
>  - for discussion purposes, my internal iface is eth0, my external iface is
>eth1
>  - what else do I need to know?
>
>- How to tell mrtg to get its stats from the localhost, instead of some
>external appliance
>
>Is there hope for me?
>
>Thanks in advance,
>~Brian
>
>  
>
    
    
More information about the TriLUG
mailing list