顯示文章

這裡允許您檢視這個會員的所有文章。請注意, 您只能看見您有權限閱讀的文章。


主題 - Jishon

頁: [1]
1
我想使用這個軟體的不在少數吧
網站上沒說 只有在mailing list上公佈
目前似乎比較穩定了
您可以寄送祝福卡片到下面地址

Julian Field
School of Electronics and Computer Science
University of Southampton
Highfield
Southampton SO17 1BJ
United Kingdom

以下是Julian朋友更新最新狀況內容
引用

Hi all,

Hopefully not tempting fate by saying there's good news on Julian.  Just had a call from his dad at the hospital and he reports that Jules is
coming round from under the sedation.    They've been lowering the dose
over the last three days during which he's had no relapses, and this morning Jules woke slightly and managed to give a thumbs up sign.

I saw Jules yesterday afternoon and he was back to a very normal colour, was moving his head and had 'REM'-like eye movement, so was looking then like he was close to coming round.  

It will clearly be quite a while before Jules is in any position to
use a laptop, but the last three days have gone really well, and we'll just need to be patient now as the gently gently recovery continues.

His parents are very keen for people to send cards now (please, no flowers!) and we'll handle these through his work address, so, please, feel free to send your 'get well' cards to:

   Julian Field
   School of Electronics and Computer Science
   University of Southampton
   Highfield
   Southampton SO17 1BJ
   United Kingdom

I'm sure his parents would also be very proud to see a good response;  if you've all used Jules' code it doesn't take much by way of thanks to get
a card in the post :)

Also, every message here was printed out and every one was read to him while
he was under.   We hope he'll be looking through them in person soon!

--
Tim
--
MailScanner mailing list
mailscanner@lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!

2
Win2000 AD + Samba 3 + Squid Proxy
Jishon (jishon@pchome.com.tw)
歡迎轉載,但請務必保留原出處和作者

前言:
      Squid穩定及強大的功能是其受歡迎的原因, 但在與Windows AD網域整合以提供使用者認證上卻一直是令人頭大的問題, 現在藉由整合samba的winbind,這個問題既可迎刃而解, 也讓您的squid認證方式更加彈性!

目的:
      認證AD網域使用者身份, 提供NT Challenge認證, 配合transparent proxy讓登入AD網域使用者開啟IE時自動登入Squid, 至於Netscape及其他使用plain text的瀏灠器仍然需手動輸入帳號及密碼

環境:
Mandrake 9.2
Samba-3.0.2 (請勿使用3.0.1, 如果使用smb時client端會無法登入)
Squid-2.5STABLE4-1mdk
Perl 5.8.1
Shellwords.pl ( Redhat的perl已內建,  Mandrake請另外安裝)
Authen::Smb (Perl Module請Redhat另行安裝)
libkrb51-1.3-3mdk (Redhat應是krb5-libs)
Windows 2000 AD Native Domain

安裝方式:

安裝SAMBA, 將squid主機加入AD網域成為member server
1.這邊使用samba-3.0.2的SRC.RPM檔
# rpm -i samba-3.0.2.xx.src.rpm
修改/usr/src/RPM/SPECS/samba3.spec
在CFLAGS="$RPM_OPT_FLAGS $EXTRA" ./configure \這段最後加上
代碼: [選擇]
--with-winbind \
--with-winbind-auth-challenge

重編samba
# rpmbuild --bb samba3.spec
安裝
# rpm -Uvh samba-3.0.2.xx.rpm

2.修改smb.conf 在global區加入
代碼: [選擇]
workgroup = NTDOMAIN
realm = NTDOMAIN.COM            
security = ADS                      #AD網域模式
password server = DC           #你的Domain Controller
encrypt passwords = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash              #選擇性
template homedir = /home/%D/%U
winbind use default domain = yes

3.修改krb5.conf
代碼: [選擇]
[realms]
NTDOMAIN.COM = {  # 注意 : NTDOMAIN.COM要大寫!!
kdc = dc.ntdomain.com # 你的DC
}

4.將主機加入網域
# net ads join -U adminuser%password (具有加入網域權限使用者)
5.修改/var/lib/samba/winbindd_privileged的目錄權限為750, 群組squid, 讓squid可以讀取winbind的socket.
6. 設定與DC溝通時的使用者
# wbinfo --set-auth-user=user%password (具有一般權限使用者即可)
7.啟動winbind
# service winbind start

修改Squid設定
1.重編squid, 以source rpm為例
# rpm -i squid-2.5STABLE4-1mdk.src.rpm
修改/usr/src/SPECS/squid.spec
代碼: [選擇]
--enable-auth=ntlm,basic \
--enable-basic-auth-helpers=winbind \
--enable-ntlm-auth-helpers=winbind \
--enable-external-acl-helpers="winbind_group,wbinfo_group"

並在%files加入
代碼: [選擇]
%attr(755,root,squid) %{_libexecdir}/wbinfo_group* # 為了找出這行可累了>_<
# rpmbuild --bb squid.spec
# rpm -Uvh squid-2.5STABLE4-1mdk.i586.rpm

2.修改squid.conf , 這邊只介紹重點, 其餘請自行參考相關文章
代碼: [選擇]
# NT challenge Authentication for IE
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 20 minutes

# Plain Text Authentication for others
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

#
external_acl_type NT_global_group ttl=300 %LOGIN /usr/lib/squid/wbinfo_group.pl

#
acl UserGroup external NT_global_group "/etc/squid/usergroup"

# 允許該群組者存取
http_access allow UserGroup


3.為了讓程式可以檢驗複數群組,並對應Samba3.0.2(wbinfo -r結果與前版不同)需動手修改/usr/lib/squid/wbinfo_group.pl
代碼: [選擇]

#!/usr/bin/perl -w
#
# external_acl helper to Squid to verify NT Domain group
# membership using wbinfo
#
# This program is put in the public domain by Jerry Murdock
# <jmurdock@itraktech.com>. It is distributed in the hope that it will
# be useful, but WITHOUT ANY WARRANTY; without even the implied warranty
# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# Author:
#   Jerry Murdock <jmurdock@itraktech.com>
#
# Version history:
#   2002-07-05 Jerry Murdock <jmurdock@itraktech.com>
#               Initial release
#
#   2003-12-16 Jim Barber
#               Added mutiple Group check in Group file

# external_acl uses shell style lines in it's protocol
require 'shellwords.pl';

# Disable output buffering
$|=1;

sub debug {
        # Uncomment this to enable debugging
        # print STDERR "@_\n";
}

#
# Check if a user belongs to a group
#
sub check {
        local($user, @group) = @_;
        local($group);
        foreach $group (@group)
        {
        $groupSID = `wbinfo -n "$group"`;
        chop  $groupSID;
        $groupGID = `wbinfo -Y "$groupSID"`;
        chop $groupGID;
        &debug( "User:  -$user-\nGroup: -$group-\nSID:   -$groupSID-\nGID:   -$roupGID-");
        return 'OK' if(`wbinfo -r \Q$user\E` =~ /^$groupGID$/m);
        }
        return 'ERR';
}

#
# Main loop
#
while (<STDIN>) {
        chop;
        &debug ("Got $_ from squid");
        ($user, @group) = &shellwords;
        $ans = &check($user, @group);
        &debug ("Sending $ans to squid");
        print "$ans\n";
}


4.建立/etc/squid/usergroup檔, 並加入允許存取squid之AD群組, 內容如
代碼: [選擇]
Domain Admins
Webusers

5.service squid restart


用戶端IE設定:
這邊假設使用已使用Transparent Proxy
預設狀態下IE X.X(小弟忘了)即使用NT-Challenge為登入模式.不需另外修改

3
引述: "cwlvkimo"

大大能教或貼一下方法嗎 ?
"fwlogwatch作每個IP當天流量統計目前只紀錄內至外forward部分"


系統: RH9, IPTABLES 1.2.8

1. 設定相關的iptables rules紀錄所有forward部分 ,請依實際需求設計
代碼: [選擇]
iptables –t nat -A POSTROUTING -s 10.160.10.0/24 -o eth0 -j MASQUERADE
iptables -N IPLOG
iptables -A FORWARD -j IPLOG
iptables -A IPLOG -j LOG  --log-level debug --log-prefix "[IPTABLES ACCEPT] : "
iptables -A IPLOG -j RETURN


2. 設定log接收主機的 /etc/syslog.conf
代碼: [選擇]
kern.=debug /path/to/log/iptables.log
或 kern.=debug @hostname  (如果想轉發給其他機器處理)


3. 修改接收主機的/etc/sysconfig/syslog
代碼: [選擇]
SYSLOGD_OPTIONS="-r -m 0"
若log接收主機是同一台此步驟可跳過

4. 修改接收主機的/etc/logrotate.d 讓log紀錄自動rotate
代碼: [選擇]
/var/log/messages /var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /vaer/log/cron /path/to/log/iptables.log {
    sharedscripts
    postrotate
        /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
    endscript
}

修改完成請重新啟動syslogd

5. 到fwlogwatch (http://cert.uni-stuttgart.de/projects/fwlogwatch/)下載fwlogwatch並安裝, 網站有提供多種版本, 以RPM為例
rpm –Uvh fwlogwatch-0.9.3-1.i386.rpm

6. 修改改/etc/fwlogwatch.config下面兩行
代碼: [選擇]
input = /path/to/log/iptables.log (log位置)
parser = n (logfile format)

若要以Real Time方式執行fwlogwatch其他部分參數請依需求修改, 若你只需要定時分析不設也無所謂只要在command mode加入執行參數即可, 請man fwlogwatch

7.原程式有附上一支sh提供批次產生web檔案我直接用它來修改,當然你可以另外寫(/usr/share/doc/fwlogwatch-0.9.3/fwlogsummary.cgi)
代碼: [選擇]

#!/bin/sh
# $Id: fwlogsummary.cgi,v 1.5 2003/03/22 15:02:27 bw Exp $

RECENT="-l 1d"  #產生一天的統計
WEBDIR="/var/www/html/fwlogwatch"
FWLOGWATCH="/usr/sbin/fwlogwatch"

if [ ! -d $WEBDIR ] ; then
  echo "Directory $WEBDIR does not exist!"
  exit
fi

if [ ! -f $FWLOGWATCH ] ; then
  echo "$FWLOGWATCH not found!"
  exit
fi

if [ -z $1 ]
then
  MESSAGES="/path/to/log/iptables.log"
else
  MESSAGES="$1"
fi

# 參數部份請man fwlogwatch
# -w:html輸出, -t:記錄起始時間, -z:連線時間, -S:不顯示來源IP, -o:輸出檔
# -D:不顯示目的IP, -d:目的Port, -s:來源Port, -n:DNS解析, -N:服務名稱解析
# -b: byte總計, -O:排序方式
$FWLOGWATCH $MESSAGES $RECENT -w -t -z -S                              -o $WEBDIR/dst.html
$FWLOGWATCH $MESSAGES $RECENT -w -t -z    -D                           -o $WEBDIR/src.html
$FWLOGWATCH $MESSAGES $RECENT -w -t -z          -d                     -o $WEBDIR/src_dst_dp.html
$FWLOGWATCH $MESSAGES $RECENT -w -t -z       -s -d    -n               -o $WEBDIR/all.html
$FWLOGWATCH $MESSAGES $RECENT -w          -D          -n    -b -O tabd -o $WEBDIR/src_sum.html
$FWLOGWATCH $MESSAGES $RECENT -w          -D    -d    -n -N -b -O tabd -o $WEBDIR/src_service_sum.html


8.若使用apache2.x請將log檔權限改為可讓apache讀取
代碼: [選擇]
chown root:apache /path/to/log/iptables.log
chmod g+r /path/to/log/iptables.log


9.自行寫個index page放到 /var/www/html/fwlogwatch目錄

10.利用cron排程執行/usr/share/doc/fwlogwatch-0.9.3/fwlogsummary.cgi產生報表輸出

建議: 如果log檔很大還是建議將log交給其他主機處理,並將名稱解析關閉
           當然iptable log主機RAM不能太小..............

另外不知怎麼把iptables log的rotate時間縮短?? 目前是跟著syslogd一星期rotate乙次, log檔案會很大,  請各為自行試試囉

4
呃....第一次使用新標題提問題請學長們多多指教

弟使用iptables的log功能搭配fwlogwatch作每個IP當天流量統計
目前只紀錄內至外forward部分
作NAT的電腦系統為RH9, 只啟動幾個必要服務
由於該點會上INTERNET的電腦數目不多
因此使用128MB的記憶體的舊主機^^"(小弟居然忘了加RAM)
結果電腦隔一陣子所有服務都會停止, 跟當機沒兩樣,最重要的dhcpd掛了
查了一下log發現是out of memory
咦......系統不是會自動調整memory用量

不知道使用log時流量與記憶體數量之間如何搭配呢?(相信是越多越好^^)

5
在板上看到FAX Server的介紹, 花了點時間架設, 跟大家分享, 如有不足還請大家幫忙補充

系統環境: Redhat 8
Modem: 聯強蝙蝠車 MD 56KVT-200 (AT&T Lucent Venus Chip)

1.至 http://www.hylafax.org下載並安裝hylafax, 目前最新版本為4.1.7
在這裡以hylafax-4.1.7-1rh8.i386.rpm為例
# rpm –Uvh hylafax-4.1.7-1rh8.i386.rpm
如果需要將接收的FAX轉為郵件給指定使用者, 那你需要安裝metamail, 或使用uuencode

2.加入Modem設定
 # faxaddmodem
請依實際狀況設定您的modem, 系統會自動判斷Modem的速度及Class,大部分依預設值即可, 如果您的Modem支援度高那就不需修改, 如果很不幸的設定值無法使用, 那麼請到/var/spool/hylafax/config下找各廠牌的Modem設定試試
完成設定後的檔案為 /var/spool/hylafax/etc/hylafax.ttySx

3.預設Fax Server會啟動但卻不會自動掛載在對應的COM PORT
# faxgetty ttyS0  (將其掛載到COM 1)
如果需要開機即啟動你可以將下面這行加入inittab
代碼: [選擇]
S0:2345:respawn:/usr/sbin/faxgetty /dev/ttyS0

# ps –ef | grep hylafax
會有兩行
uucp      3731     1  0 Aug15 ?        00:00:00 hfaxd -i hylafax
uucp      3875     1  0 Aug15 ?        00:00:00 hfaxd -i hylafax
到這個步驟即可用commandline發送fax
# sendfax -n -d 123-4567 testpage

4.接收FAX的部份修改/var/spool/hylafax/etc/FaxDispatch
代碼: [選擇]
SENDTO=FaxMaster; # 給 FaxMaster
FILETYPE=pdf; # 支援pdf及tiff

沒裝metamail需要加一行
代碼: [選擇]
MIMENCODE=bin/uuencode_it;

並產生下面內容的shell script放在/var/spool/hylafax/bin下
代碼: [選擇]
#!/bin/sh
uuencode -m $1 $1 | grep -E -v "^begin|^====$" 2>/dev/null

另可依照傳送者的TSI, Caller-ID,Device指定接收的電子信箱
如果有裝openwebmail那可開個公用帳號給使用者查詢,省的設定麻煩^^

5. 至http://www.boerde.de/~horstf/ 下載respond及printfax.pl, 修改printfax.pl將預設的mgetty改為hylafax
代碼: [選擇]
#    $cmdlinefmt='mgetty';
$cmdlinefmt='hylafax';
### The faxspoolprogram
###   for mgetty+sendfax:
#    $faxspool = '/usr/bin/faxspool';
###   for hylafax:
$faxspool = '/usr/bin/sendfax

另外可以修改下面兩行開啟debug對期初測試有幫助
代碼: [選擇]
$debug = 1;
$nosendondebug = 0;

修改smb.conf增加
代碼: [選擇]
[FAX]
    comment = FAX Server
    postscript = yes
    print command = ( /usr/bin/printfax.pl %I %s %U %m; rm %s ) &
; For WinNT terminal server and Win2000 comment out the previous two lines
; and uncomment the next two if you are using a printfax.pl version below 1.5.0
;   postscript = no
;   print command = (echo -e '1i\n%!\n.\nw\nq'|ed %s; /usr/bin/printfax.pl %I %s
    printable     = yes
    writable      = no
    path          = /var/spool/samba

將respond加到client端電腦啟動列, 並安裝PostScript印表機驅動程式到samba分享出來的印表機上(建議HP LaserJet IIIP PS)
如果嫌一台台去安裝印表機沒效率, 您可以增加samba端的印表機(含server端驅動程式安裝)讓Window Client自動安裝下載印表機驅動程式

I. samba須有root帳號

II.修改smb.conf新增分享
代碼: [選擇]
[global]
    printer admin = root
[print$]
    path = /home/printers
    guest ok = yes
    browseable = yes
    read only = yes
    write list = root


III.建立Driver分享目錄及次目錄
代碼: [選擇]
printers---
        |-W32X86             ; "Windows NT x86"
        |-WIN40               ; "Windows 95/98"
        |-W32ALPHA         ; "Windows NT Alpha_AXP"
        |-W32MIPS           ; "Windows NT R4000"
        |-W32PPC            ; "Windows NT PowerPC"


IV.在Windows 2000 or XP以root帳號登入samba server ( \\server )

V.開啟印表機與傳真, 選擇FAX印表機安裝HP LaserJet IIIP PS驅動程式
驅動程式會被安裝在\\server\print$\W32X86下供W2Kclient使用
95.98.ME則擺在\\server\print$\WIN40

接下就測試將文件列印到Samba的FAX印表機, respond會出現, 輸入目的傳真電話….如果傳送不成功請檢查/var/spool/hylafax/log及/var/log/messages
至於email to fax沒用到這邊就不再說明啦

6.常見問題(自己遇到的^^”…希望大家遇不到)
I.開啟印表機時顯示無存取權限
  此問題發生在”client端手動安裝驅動程式”時容易發生, 請在smb.conf加入
代碼: [選擇]
[global]
        use client driver = yes

或者改採上面將驅動程式放在samba的方式

II.送出的傳真缺行, 重疊或只顯示半行
若為class 2 Modem請改為class 1
若為class 1請調整Modem flow control為xonxoff試試

III.傳真上方的Tagline變亂碼
預設使用英文Portable Compiled Font字型, 但是locale為中文顯示, 修改方式

方法一: 修改/var/spool/hylafax/etc/hylafax.ttySx
TagLineFormat:          "From %%l | %F %T %Z | Page %%P of %%T"
%F %T %Z 參數請man date

方法二: 把字型那行拿掉不顯示Tagline(有些地區是不允許的)
#TagLineFont :            etc/lutRS18.pcf

方法三: 使用X11提供的中文字型
zcat /usr/lib/X11/fonts/misc/taipei20.pcf.gz > /var/spool/hylafax/etc/taipei20.pcf
修改/var/spool/hylafax/etc/hylafax.ttySx
TagLineFont :            etc/taipei20.pcf
這方式沒成功不知有人試過嗎??


Hylafax的功能可不只這些, 還有撥號規則, 離峰時間傳送等
它的功能應該可以滿足大部分人的需求......

6
第一次發表文章, 還請學長們多多指教
在學園吸取很多有用的東西, 希望這篇對初學者有幫助

小弟的網路為Linux及Windows混合環境, 為集中監控伺服器.外點的ATU-R,防火牆故使用Mrtg
但是Mrtg每五分鐘產生資料及圖檔, 為降低伺服器負載改採Mrtg+RRDtool+mrtg-rrd cgi
如此Mrtg每五分鐘資料寫入RRD資料庫, 並不產生png檔,可減輕伺服器負擔
另外RRD對於擷取的間隔時間調整也較彈性

系統環境 Redhat Linux 8.0
MRTG版本: mrtg-2.9.17-8.rpm
NET-SNMP版本: net-snmp-utils-5.0.6-8.80.2.i386.rpm,net-snmp-5.0.6-8.80.2.i386.rpm
RRDTOOL版本: rrdtool-1.0.41-1.8.0.i386.rpm
MRTG主機IP: 192.168.1.10
Windows 2000主機IP: 192.168.1.2, 192.168.1.9
輔助工具: mbrowse for linux GPL MIB圖形化搜尋工具
SNMP4W2K-STD: 安裝在W2K主機, 用於將Windows 2000的Performance Counter轉為標準SNMPv1格式,STD版為免費,安裝完成後請將W2K主機 %system root%/system32/perfmib.mib複製到/usr/share/snmp/mibs 讓snmpd載入, 如果有網路設備的MIB檔可複製到此方便利用MIB Browser搜尋相對應的OID
Mrtg-RRD CGI: 搭配RRDtool的Mrtg流量圖即時產生工具
stat 2.1: linux系統cpu,memory,多種network service的狀態擷取
Perl 5.8.0: 以上大部分的script需要用到

安裝
1. mrtg,snmp的安裝方式請參考netman大的詳細教學
2. rpm -Uvh rrdtool-1.0.41-1.8.0.i386.rpm
3. 如果你想搜尋MIB Tree裏的OID及其詳細資料請安裝mbrowse, 須在Xwindow下執行
4. 在Window 2000系統安裝SNMP4W2K-STD
5. 將mrtg-rrd 0.6解壓縮至/var/www/cgi-bin/mrtg-rrd-0.6
   修改/var/www/cgi-bin/mrtg-rrd-0.6/mrtg-rrd.cgi下面這行  
   
代碼: [選擇]

   BEGIN { @config_files = qw(/etc/mrtg/mrtg.cfg); }
   

   # make      (更改cgi檔案權限,會順便產生Fast CGI檔)
6. 將stat 2.1解壓至/opt/stat
   修改/opt/stat/conf.pm以下部分
   
代碼: [選擇]

### Stat configuration file ###

##general section

#type of unix : LINUX or BSD.
$unix = "LINUX";
#the repertory were you want to store the temporary values
$rep = "/var/tmp/stat/";
#type of grapher : 1 for rrd 100 for mrtg (help to round the value, cause mrtg doesn't support float)
$mrtg = 1;

#下面這段如果是要查remote端linux主機狀況才需要
#our IP or hostname to listen on
$networkhost = '192.168.1.11';
$networkport = '57475'; # stats :-) (this port will need to be open on the box you poll)
#host to allow to poll the statd.pl script
$mrtghost = '192.168.1.10';

#請依實際狀況
##dns stats
#rndc path
$rndc = "/usr/sbin/rndc";
#named.stats path
#$namedfile = "/etc/named/sand/var/run/named.stats";
##mysql section:
$msqluser ="user";
$msqlpass ="password";

##defining the services
$services{"ftp-data"}    = "20";
$services{"ftp"}    = "21";
$services{"ssh"}    = "22";
$services{"telnet"} = "23";
$services{"smtp"}   = "25";
$services{"http"}   = "80";
$services{"pop3"}   = "110";
$services{"news"}   = "119";
$services{"netbios"}   = "139";
$services{"ssl"}       = "443";
$services{"socks"}     = "1080";
$services{"mysql"}     = "3306";
$services{"pgsql"}     = "5432";
$services{"irc"}       = "6667";
$services{"nfs"}       = "2049";
$services{"cvs"}       = "5999";

1;
   

   修改/opt/stat/stat.pl以下部分
   
代碼: [選擇]

   #loading files
   require "/opt/stat/conf.pm";
   require "/opt/stat/help.pm";
   require "/opt/stat/hardware.pm";
   require "/opt/stat/services.pm";
   



接下來就是設定mrtg.cfg
網路設備請設定好利用cfgmaker產生即可,這裡就不多說
代碼: [選擇]

### Global Config Options
WorkDir: /var/www/html/mrtg
IconDir: /mrtg

# 請
LibAdd: /usr/lib/perl5
LogFormat: rrdtool

### 台中ATU-R 雙向ADSL 512k ###
# 以cfgmaker產生
###############################
Target[Taichung]: 1:public@211.xx.xx.xx:
SetEnv[Taichung]: MRTG_INT_IP="211.xx.xx.xx" MRTG_INT_DESCR="Taichung (Traffic)"
Directory[Taichung]: adsl
MaxBytes[Taichung]: 64000
Title[Taichung]: Traffic Analysis for Taichung -- Untrusted
PageTop[Taichung]: <H1>Traffic Analysis for Taichung</H1>


###############################################
# Windows 2000 的系統狀況, 雙CPU
###############################################
# CPU 0
Target[ERPSQL.cpu0]: `/usr/local/bin/snmpcpuinfo.pl 192.168.1.2 public 0`
MaxBytes[ERPSQL.cpu0]: 100
Options[ERPSQL.cpu0]: integer,unknaszero,nopercent,gauge
Directory[ERPSQL.cpu0]: erpsql
Title[ERPSQL.cpu0]: ERPSQL (cpu0)
YLegend[ERPSQL.cpu0]: % Used
ShortLegend[ERPSQL.cpu0]: %
PageTop[ERPSQL.cpu0]: <H1>Processor Utilization CPU0 -- ERPSQL</H1>


# CPU 1
Target[ERPSQL.cpu1]: `/usr/local/bin/snmpcpuinfo.pl 192.168.1.2 public 1`
MaxBytes[ERPSQL.cpu1]: 100
Options[ERPSQL.cpu1]: integer,unknaszero,nopercent,gauge
Directory[ERPSQL.cpu1]: erpsql
Title[ERPSQL.cpu1]: ERPSQL (cpu1)
YLegend[ERPSQL.cpu1]: % Used
ShortLegend[ERPSQL.cpu1]: %
PageTop[ERPSQL.cpu1]: <H1>Processor Utilization CPU1 -- ERPSQL</H1>


#######################################
# Windows 2000 的系統狀況, 1.5G RAM
#######################################

Target[ERPSQL_FREE_COMMIT]: 1.3.6.1.4.1.311.1.1.3.1.1.1.2.0&1.3.6.1.4.1.311.1.1.3.1.1.1.3.0:public@192.168.1.2
MaxBytes[ERPSQL_FREE_COMMIT]: 5120000000
Title[ERPSQL_FREE_COMMIT]: Available vs Committed Byes
Options[ERPSQL_FREE_COMMIT]: integer,unknaszero,gauge
YLegend[ERPSQL_FREE_COMMIT]: Bytes
ShortLegend[ERPSQL_FREE_COMMIT]: Bytes
Legend1[ERPSQL_FREE_COMMIT]: Physical Available Memory (Bytes)
Legend2[ERPSQL_FREE_COMMIT]: Committed Memory (Bytes)
LegendI[ERPSQL_FREE_COMMIT]: Avail:&nbsp
LegendO[ERPSQL_FREE_COMMIT]: Commit:&nbsp
Directory[ERPSQL_FREE_COMMIT]: erpsql
PageTop[ERPSQL_FREE_COMMIT]: <H1>Memory: Free Bytes vs. Committed Bytes on ERPSQL</H1>

##########################
# 監控單一
##########################
Target[ERPSQL_Phy_SQL]: `/usr/local/bin/memoryph.pl 192.168.1.2 public sqlservr`
MaxBytes[ERPSQL_Phy_SQL]: 5120000000
Title[ERPSQL_Phy_SQL]: Physical Memory vs. MS_SQL Used
Options[ERPSQL_Phy_SQL]: integer,unknaszero,gauge
YLegend[ERPSQL_Phy_SQL]:
ShortLegend[ERPSQL_Phy_SQL]:
kMG[ERPSQL_Phy_SQL]: k,M,G
Legend1[ERPSQL_Phy_SQL]: Physical Memory (Bytes)
Legend2[ERPSQL_Phy_SQL]: MS_SQL Memory Used (Bytes)
LegendI[ERPSQL_Phy_SQL]: Max:&nbsp
LegendO[ERPSQL_Phy_SQL]: Used:&nbsp
Directory[ERPSQL_Phy_SQL]: erpsql
PageTop[ERPSQL_Phy_SQL]: <H1>Memory:  Physical Memory vs. MS_SQL Used -- ERPSQL</H1>

##################################
# WIN2000 磁碟E使用狀況. 由MIB => hrStorageDescr (1.3.6.1.2.1.25.2.3.1.3) 查出
# MIB reports on 4096 byte blocks.故 *4
##################################
Target[ANTIVIRUS_disk_E]: 1.3.6.1.2.1.25.2.3.1.5.4&1.3.6.1.2.1.25.2.3.1.6.4:public@192.168.1.9 * 4
YLegend[ANTIVIRUS_disk_E]:
Options[ANTIVIRUS_disk_E]: gauge, unknaszero
MaxBytes[ANTIVIRUS_disk_E]: 38000000000
ShortLegend[ANTIVIRUS_disk_E]:
kMG[ANTIVIRUS_disk_E]: k,M,G
Legend1[ANTIVIRUS_disk_E]: Disk Maximun Space
Legend2[ANTIVIRUS_disk_E]: Disk Used
Legend3[ANTIVIRUS_disk_E]: Max value per interval on graph
Legend4[ANTIVIRUS_disk_E]:
LegendI[ANTIVIRUS_disk_E]: Max:&nbsp
LegendO[ANTIVIRUS_disk_E]: Used:&nbsp
Directory[ANTIVIRUS_disk_E]: antivirus
Title[ANTIVIRUS_disk_E]: Disk E Utilization -- ANTIVIRUS
PageTop[ANTIVIRUS_disk_E]: <H1>Disk: Partition E Utilization -- ANTIVIRUS</H1>


###############################################
#  Redhat 8 MRTG主機
###############################################
# CPU
Target[MS_cpu]: `/opt/stat/stat.pl cpu`
Options[MS_cpu]: nopercent,gauge
Directory[MS_cpu]: ms
Title[MS_cpu]: Monitor Server (CPU)
MaxBytes[MS_cpu]: 100
YLegend[MS_cpu]: % Used
ShortLegend[MS_cpu]: %
LegendI[MS_cpu]: CPU User:&nbsp
LegendO[MS_cpu]: CPU System:&nbsp
PageTop[MS_cpu]: <H1>CPU Utilization</H1>

Target[MS_mem]: `/opt/stat/stat.pl memnocache`
Options[MS_mem]: gauge,noinfo, nopercent
Title[MS_mem]: Monitor Server (Memory)
Directory[MS_mem]: ms
MaxBytes[MS_mem]: 513384000
YLegend[MS_mem]: Byte
ShortLegend[MS_mem]: Byte
kMG[MS_mem]: k,M
LegendI[MS_mem]: Used:&nbsp
LegendO[MS_mem]: Max:&nbsp
Legend1[MS_mem]: Memory Used
Legend2[MS_mem]: Physical Memory
PageTop[MS_mem]: <H1>Memory Used without Cached</H1>

   
上面另用到兩支perl程式抓取2000狀態
snmpcpuinfo.pl
ex. snmpcpuinfo.pl {host} {community} {CPU ID}
代碼: [選擇]

#!/usr/bin/perl
# This script is a tribute to dumb-ass Microsoft SNMP implementation...
# After restarting SNMP service on MS servers, the OIDs of CPUs change
# randomly.

$host=shift;
$community=shift;
$cpu=shift;

# Get all CPUs load
@cpulines=`snmpwalk -v 1 $host -c $community hrProcessorLoad`;
# Focus on the one we were need
$cpuline=$cpulines[$cpu];
($load,$index)=splitnamevalue($cpuline);
# Get the appropriate description
$cpudescrline=`snmpwalk -v 1 $host -c $community hrDeviceDescr.$index`;
($cpudescr,)=splitnamevalue($cpudescrline);
print "$load\n";
print "$load\n";
print "$cpudescr\n";
print "\n";

sub splitnamevalue {
    $namevalue=shift;
    chomp($namevalue);
    ($index,$value)=split(/ = /, $namevalue);
    $index=~s/.*\.([0-9]{1,6})$/$1/;
    return $value,$index;
}


memoryph.pl
ex. memoryph.pl {host} {community} {process name}
代碼: [選擇]

#!/usr/bin/perl
# version 0.1b by James Chien
# Measure total memory used by certain process
# It's case sensitivity regarding "Process name"!! Be carefull

$host=shift;
$community=shift;
$processname=shift;

# Get all Processor Memory Used
$phymemory=`snmpwalk -v1 $host -c $community hrMemorySize`;
($physize,$string)=splitnamevalue($phymemory);
@sqlindex=`snmpwalk -v1 $host -c $community hrSWRunName|grep $processname`;

# Sum all memory used by the process name we wanted
foreach (@sqlindex) {
($runname,$index)=splitnamevalue($_);
$memused=`snmpwalk -v1 $host -c $community hrSWRunPerfMem.$index`;
($memsql,$string1)=splitnamevalue($memused);
$totalmem += $memsql;
}

print "$physize\n";
print "$totalmem\n";
print "\n";
print "\n";

#Function that split the string gatherd by snmpwalk
sub splitnamevalue {
    $namevalue=shift;
    chomp($namevalue);
    ($process,$value)=split(/ = /,$namevalue);
    $value=~s/INTEGER:$+\s+(\d+)+\s+KBytes/$1/;
    $process=~s/.*\.(\d+)$/$1/;
    return $value,$process;
    }



設定完成後得等rrd資料自動產生或手動執行mrtg /etc/mrtg/mrtg.cfg
若無錯誤訊息,進入 http://yourhostname/cgi-bin/mrtg-rrd-0.6/mrtg-rrd.cgi 就可看到圖表
OID值可利用mbrowse查出
stat 2.1可以偵測的Linux服務非常多, 詳見說明檔
Mrtg+RRDtool+mrtg-rrd cgi解決小弟大部分的需求
不過缺點是CGI在即時產生網頁時速度有點慢, 尤其是監控項目很多的時候
建議在mrtg.cfg裡使用Directory參數讓項目分門別類,情況會好點
另外沒辦法像MRTG顯示中文PNG圖.....

官網有相當豐富參考資料,建議初學時去逛逛
http://www.mrtg.org

頁: [1]