[plug] Bandwidth reports on firewall

[Adrian Woodley]

I hacked up a munin plugin to work with PostgreSQL and iptables/ulog 
which worked pretty well. The plugin itself is largely unnecessary - 
once you've got the ulog data into PostgreSQL (or MySQL) you can do 
whatever analysis you like.

I've you ask nicely and bat your eye-lashes, I might be able to dig up 
the appropriate scripts to set it up.

Adrian

Mark Slatem wrote:
> Hey all,
> 
> We have quite a few security appliances running at client sites, mainly 
> using the open source Endian firewall, I want to be able to pull reports 
> for a specific ip address on the network and see bandwidth usage in and 
> out the firewall, as well as times of the day content was downloaded 
> etc. I have a found a script called "squint" whick works quite nicely, 
> but unfortunately this only works by examining the squid proxy logs, and 
> does not report on other type of traffic like smtp, peer to peer. Endian 
> also has NTOP on it which has detailed information, but as soon as the 
> adsl connection get droped and a new ip assigned, then the ntop stats 
> are reset, AFAIK this is how NTOP works and there is no way to get it to 
> keep the stats.
> 
> Anyone know of a good solution,  that preferably is lightweight and has 
> a web frontend  that can be used to generate reports?
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au