Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Sasha on May 29, 2000, 10:15:48 PM
-
In v4b7, how can one establish/ monitor which workstation on a network is causing the modem to dial out ?
-
Sasha,
I don't think there is any way to do what you have requested without making your own customizations to the e-smith product. See the developers site at www.e-smith.org to learn more about customizing the e-smith server and gateway. You should be able to use IPCHAINS to detect and monitor outgoing tcp requests and log the source ip, or more reliably, the hostname of the machine making the request. This is just an idea since I am no expert.
Here is link to an IPCHAINS HOWTO:
http://heaven.hamline.edu/LDP/HOWTO/IPCHAINS-HOWTO.html#toc4
sincerely,
brian
-
you can use the console and "tcpdump" which I am sure is installed by deafult. the only problem i see is a novice isn't going to be able to understand most of the output. If you feel you can understand it I suggest a "tcpdump | grep eth0" and watch for the packets that causing the dialing and the ip of the machine will be in the same line. A "ipchains -M -L" or a "netstat -M" from the console will also tell you once the link is up what ip masqs are going on, this may be a little easier to distinguish what internal machine is making contact out to the net.
Try both But if you are unfamiliar with packets then I suggest the latter as it will just state the internal ip/ destination and ports used and be far easier to interpret.
Once I figure out this configuring the web based part of e-smith I may make a page that will have an ongoing list of masqs and also a tail of the messages log as I myself have put in a firewall and I am one of those that love to watch the hits on the firewall to see what people are up to. right now I have it logging to tty8 which is cntrl-alt-F8 but If I have time I will change this too the web part so i can remotely monitor it.
Hope this helps