SOLVED Re: Connection tracking.

Σταμάτης Κεκές skekes at pylones.gr
Mon Jul 14 08:50:06 EEST 2003


Stoilis Giannis wrote:

> Σταμάτης Κεκές wrote:
>
>> Argus is good too, but I have found something better and simpler.
>> I have found net-acct+mysql, which logs the connections to a
>> mysql database for analysis.
>> It is very detailed in its settings and "collects" everything that
>> passes through the network.
>> From there on, it is up to the user to do whatever he wants with
>> the data it collects.
>> Regards,
>>   Stamatis
>
>
> Ouch...
> I used it for a while and I didn't like it...
> - it is a bit unstable. For no reason at all, it would die.

I haven't put it in production yet, but I will update the list with
the results.

>
> - it left quite a bit of garbage behind. Supposedly it was smart enough to
> record to files whatever data it didn't manage to send to the database
> because of problems, but it never thought to delete those files.

For now I can delete those with a cron job

>
> - I remember that it gave me a bit of trouble with the configuration... It
> was somewhat cryptic... before you rely on it, make sure that it records all
> the packets you are interested in... Experiment...

So far it records everything I want. My problem is that it fills the
database very quickly, but I will solve the problem with some Perl script,
by summarizing the records and deleting them afterwards, because I don't
need as much detail as it gives me.

>
> - It is a bit heavy. It constantly dumps to mysql, and makes the
> machine build up load. Not so much as to cause problems, but
> enough to bring it to its limits.

Yes, if the database "bloats" a lot then the machine starts to crawl.
I simply believe that a summarization is what is needed, since the
detailed record is not required. This can be done every time
300 rows fill up in the table, so that way it won't raise much
load either, I believe. Practice will show how it does.

>
> - Then I found the EXCELLENT flowtools. Stable to the point of boredom. It
> has NEVER shown me even one problem, for 6 months now. It probably
> doesn't suit you, because you didn't mention whether you have a cisco.
> Nevertheless, I'll elaborate:
> It uses the Cisco Netflows that a cisco can send you and
> dumps them to the database in even greater detail than nacctd.
> In parallel I also made a few small scripts that do the export to a
> selected table per month and then copy it to another table,
> depending on the usefulness of each record, deleting the old ones. From
> there on, I am now at the stage of writing a php frontend for all
> this.
> Note: Both nacctd AND netflow can fill the database A LOT.
> mysql and MyISAM tables proved inadequate at handling
> tables with more than a few million records. If you make the mistake of
> doing a "select *" and the records are more than 10000, you may
> wait up to 5 minutes(!) until you get the first row, during
> which mysqld raises 100% load. Apart from the
> corruption, which happened once a month, for no particular reason.
> I am now playing with InnoDB and things are quite a bit better...

It's good, it's just that I wanted this on Linux itself, so it doesn't suit me.
The flowtools are indeed excellent in their performance.

>
>
> With flowtools I collect into files that take up about 20kbytes / 15
> minutes of 256kbit traffic and I dump them to the database during the night,
> so as to find them ready the next day. Small scripts run automatically that
> build summaries of the traffic, so I hardly touch the tables with
> the millions of records.
>
> Another advantage of flowtools is that you can
> install it on any machine on the network, and not necessarily
> on the proxy with the two network cards that sits at a nodal point.
> I try to keep the proxy as light as possible. The cisco can
> send you the flows to whatever ip you declare to it.
>
> Finally, another advantage of flows is in cases where you
> use NAT. If you just do sniffing with nacct, you will see
> traffic from your nat server towards the outside, without being able to
> match it with the internal traffic. The netflow protocol has
> provision for this too, so even though I have nat, I know which client
> it corresponds to...
>
> Incidentally, all the traffic analysis programs (that cost
> a few million) support netflow. It is fairly standard, and you will
> find a lot of information on the internet...
>
> That's all... If you want more information, let me know... I have been
> working on this project for about 1.5 years... When it becomes stable, I will
> also release it for download (stable GPL network accounting & billing system,
> with php frontend).
>
> - Giannis
>
>
>
>

Thanks a lot, Johny :)
You have briefed me fully :)
Regards,
  Stamatis




More information about the Linux-greek-users mailing list