Topic: Per IP bandwidth monitoring

[Kevin M]

Hi

I have been searching for something to keep track of bandwidth usage on a per ip basis for the internal lan. Need to be able to attribute usage etc. Tis a shame that 6.03 doesn't include a handy feature like this.  I discovered ipfm and scr_ipfm (on freshmeat.net) the other day and this seems to do it and would be useful. ipfm is the moinitoring code an scr_ipfm is a small php application to produce the requisite usage charts/graphs. It would miss email retries etc but will be close enough.

The link to the RPM at the developers site is broken so I copied the tarball, got the dev files (for 5.6) installed everything, redid the upgrades and tried to compile. I could not get it to compile (missing .h and other files). I am not sure what rpm is missing to get the .h etc but it seems to be kernel related I then tried to do a kernel build so a make install would put everything right but no luck their either.  

Has anyone got this working (or something similar) and if so could you tarball up the tree with compiled files so I can 'make install'. Even better an rpm :-} I am going to try on a 6.03 install as well but need to get it running on a 5.6 gw.

Any help appreciated,
Kevin

[Byte]

to compile these things you need the dev tools which you can find over at http://wiki.contribs.org/


Please remember that having dev tools increases security risks so you might want to compile on another machine

[Michael Smith]

SARG will do it and there's even a contrib somewhere ... No devtools necessary.

[Kevin M]

Thanks

RE dev tools - yes installed all them but still no go.

Checking out SARG now

Regards
kevin

[Jim Danvers]

Kev'...

Post back (if you would please) on how you make out w/SARG.  You still planning on testing on the 6.0 box first?  Thats what I'm presently running..  If you can get it to run on that using contrib documentation/how-to, that'd be sweet.  

Thanks!

-=- jd -=-

[Kevin M]

Well I finally found a copy of SARG but it isn't clear which SME version it will run on, so I assume all. Unfortunately contribs has poor usability and is a difficult place to find a package from its name - the search didn't return anything so I tried each person in turn and many clicks later found it under dmay and someone else, after an hour or so.

Installed on a 5.6 machine. The same machine has modindex and webshare on it. At this time all I get back is a modindex response with a file type missing. Each reload is a different response id/name so it is a save to have a look at the response. Installed and running but nothing to report at this time.

Trying a few other packages/contribs - netprobe and ntop - neither work correctly due to install problems. Ntop I am still looking, netprobe I might look into.  

Had a dig around to see what sarg does and it looks like it only parses the squid log files. Handy but only part of the traffic for a normal user - ours have remote pop/smtp, netmeeting, ftp etc etc. Looks like persisting with the earlier package is a better option for tracking usage by IP. Will report back when I have something more to add.

Regards
kevin

[Cyrus Bharda]

Kevin,

I run netprobe fine on my 5.6 machine and there is no reason why it should not run on 6.0B3?

I love netprobe, shows every conversation between every computer, local and remote and which port it was made on, very good for finding out who is downloading via p2p or sending huge emails or if one computer is blaster infected, etc etc etc.

Have you installed netprobe via my howto?

ntop was very confusing for me which is why I went to netprobe.

As we get charged for every bit of data that comes to and goes from us, when we get a huge bill, and my boss freaks I can tell him exactly where the data went to!

If you have any problems with netprobe, drop us a line, I dont mind helpin out!

Cyrus Bharda

[Kevin M]

Thanks for the offer - will contact you in the next day or so,

regards
kevin

[Guck Puppy]

Kevin M wrote:

> contribs has poor usability and is a difficult place to find
> a package from its name - the search didn't return anything
> so I tried each person in turn and many clicks later found it
> under dmay and someone else, after an hour or so.

Are you talking about contribs.org?

1. click "contribs weblinks"
2. enter sarg in search box
3. Profit!

G

[Kevin M]

Guck Puppy wrote:

> Are you talking about contribs.org?
>
> 1. click "contribs weblinks"
> 2. enter sarg in search box
> 3. Profit!
>

Hi

Off topic but anyway:

If I go to the home page of contribs.org and select left menu search - the dialog box then presents three separate search possibilities (!). The top and bottom ones return a result if nothing is selected in the category drop down, but nothing if the dropdown is selected (more below). Look at the left menu and a reasonable possibility is contribs file library (looking for a contib file after all) - doesn't work - just a list of contributors names. Your weblinks suggestion would typically indicate a seach of a page of links to probably offsite material  - anyway I tied it just now and yes it returned a sarg - along with the definitive link to the contrib - but wait for it - its broken. So back to a hand hunt/peck mode.

After that I went to the contrib area and proceded to click painfully up and down each one. Inconsistent positioning/stucturing of buttons, buttons too small,  inconsistent tree structures, no means to identify/locate a file except by hand location., poor description for each contrib., contradictory facilities (search), misnamed facilites (weblinks) etc etc.

I rest my point.

Was a task analysis performed/implemented of how an user (maybe an irregular user) might try to find a file or a contrib/howto to suit a need with name unknown?

I like the contribs concept and use it - its just the usability issues that let it down.

Kevin
(HCI lecturer/specialist)

[Guck Puppy]

Kevin M wrote:



> I rest my point.

> I like the contribs concept and use it - its just the
> usability issues that let it down.

> Kevin
> (HCI lecturer/specialist)

Oh well in that case...  I had a good old sympathetic giggle at your response, and then the bombshell that this is your area of expertise - nicely done

Of course, I have to agree that the interface is sucky - and on reflection it did take me some time to figure out WHICH link to go to do decent, meaningful searches.

If I may make so bold, maybe you should offer your services to http://phpwebsite.appstate.edu/ - the people who make the app contribs.org uses?

G

PS. I think this is not at all off-topic!