We re-install RHEL on our Proxy server as we have two sata 160 GB hard drive each. we also did RAID-1 configuration on it. Now after successfull configuration of Squid we have to install MRTG and SARG for report generation, i will talk about MRTG here in detail. so first thing is to check that wheather our web services is running or not, if not so we have to start the services.
[root@pswproxy ~]# service httpd start
After entering this command i got an error that unable to identify fully qualified domain name, so it means we have to identify the fully qualified domain name
[root@pswproxy ~]# vi /etc/httpd/conf/httpd.conf
Uncomment this line and put your FQDN: ServerName pswbackupproxy:80
Now restart the web services it will work
[root@pswproxy ~]# service httpd restart
Now to install and configure MRTG we have to install and configure SNMP, if you have SNMP install then move to Step #5 directly, lets look
Step # 1 : Check SNMP server Status
To check wheather SNMP is install or not use following RPM query command:
[root@pswproxy ~]# rpm -qa | grep snmp
In my case it was already install, following are the rpm that are install on my machine
net-snmp-libs-5.1.2-11.EL4.11
net-snmp-5.1.2-11.EL4.11
php-snmp-4.3.9-3.22.9
net-snmp-libs-5.1.2-11.EL4.11
net-snmp-utils-5.1.2-11.EL4.11
net-snmp-devel-5.1.2-11.EL4.11
net-snmp-perl-5.1.2-11.EL4.11
If its not install on your machine then use the following command if you have Fedora repositray
[root@pswproxy ~]# yum install net-snmp-utils net-snmp
or If you have RHEL the use the following command
[root@pswproxy ~]# up2date -v -i net-snmp-utils net-snmp
Step # 2 : Check status of snmp server
Check 'ps' comamnd to find out wheather snmp is running or not
[root@pswproxy ~]# ps -aux | grep snmp
Make sure snmpd service starts automatically, when linux comes online
[root@pswproxy ~]# chkconfig --add snmpd
Step # 3 : Make sure snmp server configured properly
Run snmpwalk utility to request for tree of information about network entity. In other words query snmp server for your IP address (assigned to eth0, eth1, lo etc):
[root@pswproxy ~]# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex
If you can see your IP address then please proceed to step 4; else you have to configure snmp server as follows (by default RHEL and RH 8/9 are not configured for snmp server for security reason) and in my case it was also not configured so lets look at the detail steps:
SNMP Configuration:
1: Edit file /etc/snmp/snmpd.conf using text editor:
[root@pswproxy ~]# vi /etc/snmp/snmpd.conf
Change/Modify line(s) as follows, Find following Line:
com2sec notConfigUser default public
Replace with (make sure you replace 192.168.0.0/24 replace with your network IPs) following lines:
com2sec local localhost public
com2sec mynetwork 192.168.0.0/24 public
Scroll down a bit and Find Lines:
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
Replace with:
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork
Again scroll down bit and locate following line, Find line:
view systemview included system
Replace with:
view all included .1 80
Again scroll down bit and change, Find line:
access notConfigGroup "" any noauth exact systemview none none
Replace with:
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none
Scroll down bit and change, Find lines:
syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root (configure /etc/snmp/snmp.local.conf)
Replace with:
syslocation Linux (RH3_UP2), Home Linux Router.
syscontact Vivek G Gite
Start your snmp server and test it:
(a) Make sure when linux comes up snmpd always starts:
[root@pswproxy ~]# chkconfig snmpd on
(b) Make sure service start whenever Linux comes up (after reboot):
[root@pswproxy ~]# service snmpd start
(c) Finally test your snmp server:
[root@pswproxy ~]# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex
Step # 4 : Install MRTG if not Installed
Mrtg software may install during initial installation, you can verify if MRTG installed or not with following RPM command:
[root@pswproxy ~]# rpm -qa | grep mrtg
In my case it was installed as the following shown,
mrtg-2.10.15-2a
if it is not installedon your mcahine then use any of the following command depend on your repository
For Linux User
[root@pswproxy ~]# up2date -v -i mrtg
For Fedora user
[root@pswproxy ~]# yum install mrtg
Step # 5 : MRTG Configuration
(a) Create document root to store mrtg graphs/html pages:
[root@pswproxy ~]# mkdir -p /var/www/html/mymrtg/
(b) Run any one of the following cfgmaker command to create mrtg configuration file:
[root@pswproxy ~]#cfgmaker --global 'WorkDir: /var/www/html/mymrtg' --output
/etc/mrtg/mymrtg.cfg public@localhost
OR (make sure your FQDN resolves, in following example i'm using rh9.test.com which is my router FQDN address)
[root@pswproxy ~]# cfgmaker --global 'WorkDir: /var/www/html/mymrtg' --output /etc/mrtg/mymrtg1.cfg public@rh9.test.com
(c) Create default index page for your MRTG configuration:
[root@pswproxy ~]# indexmaker --output=/var/www/html/mymrtg/index.html /etc/mrtg/mymrtg.cfg
(d) Copy all tiny png files to your mrtg path,
[root@pswproxy ~]# cp -av /var/www/html/mrtg/*.png /var/www/html/mymrtg/
Step # 6 First test mrtg, run of mrtg
(a) Run mrtg command from command line with your configuration file:
[root@pswbackupproxy /]# mrtg /etc/mrtg/mymrtg.cfg
I got an Error but after a little search i found the solution see below
-----------------------------------------------------------------------
ERROR: Mrtg will most likely not work properly when the environment
variable LANG is set to UTF-8. Please run mrtg in an environment
where this is not the case. Try the following command to start:
env LANG=C /usr/bin/mrtg /etc/mrtg/mymrtg.cfg
-----------------------------------------------------------------------
[root@pswproxy /]# env LANG=C /usr/bin/mrtg /etc/mrtg/mymrtg.cfg
NOTE: Avoid The Warning, you will see it for teh first time
Rateup WARNING: /usr/bin/rateup could not read the primary log file for localhost_2
Rateup WARNING: /usr/bin/rateup The backup log file for localhost_2 was invalid as well
Rateup WARNING: /usr/bin/rateup Can't remove localhost_2.old updating log file
Rateup WARNING: /usr/bin/rateup Can't rename localhost_2.log to localhost_2.old updating log file
Step # 7 Create crontab entry so that mrtg graph / images get generated every 5 minutes
(a) Login as a root user or login as a mrtg user and type following command:
[root@pswproxy /]# crontab -e
(b) Add mrtg cron job entry to configuration file (append following line to it):
*/5 * * * * /usr/bin/mrtg /etc/mrtg/mymrtg.cfg --logging /var/log/mrtg.log
Save file and you are done with MRTG config issues :)
Step # 8 Block ports 161 & 162 at firewall
You do not want to give access to everyone to your snmp server for security reasons. SNMP server uses UDP 161, 162 ports for communication. Use Linux IPTABLES firewall to restrict access to SNMP server
(a) Allow outgoing SNMP server request from your Linux computer. This is useful when you query remote host/router (replace SERVER IO with your real IP):
SERVER="xxx.xxx.xxx.xxx"
[root@pswproxy /]# iptables -A OUTPUT -p udp -s $10.110.9.116 --sport 1024:65535 -d 0/0 --dport 161:162 -m state --state NEW,ESTABLISHED -j ACCEPT
[root@pswproxy /]# iptables -A INPUT -p udp -s 0/0 --sport 161:162 -d $SERVER --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
(b )Allow incoming SNMP client request via iptables. This is useful when you wish to accept queries for rest of the world (replace SERVER IP with your real IP):
SERVER="xxx.xxx.xxx.xxx"
[root@pswproxy /]# iptables -A INPUT -p udp -s 0/0 --sport 1024:65535 -d $SERVER --dport 161:162 -m state --state NEW,ESTABLISHED -j ACCEPT
[root@pswproxy /]# iptables -A OUTPUT -p udp -s $SERVER --sport 161:162 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
Change Server with your IP address
FOR IMAGE:
You can see the SNGPL monogram if you want to place your own so you just have to make change in the "index.html"
[root@pswbackupproxy ~]# cd /var/www/html/mymrtg/
[root@pswbackupproxy ~]# ls
[root@pswbackupproxy ~]#
index.html localhost_2.log localhost_2-week.png mrtg-m.png
localhost_2-day.png localhost_2-month.png localhost_2-year.png mrtg-r.png
localhost_2.html localhost_2.old mrtg-l.png sngpllogo.jpg
[root@pswbackupproxy mymrtg]# vi index.html
In first Figur The Whole while in secodn figure its for the specific interface like Ethernet 1 (outgoing Traffic)
I hope it will be informative for you people.
CHEERS
7 comments:
MRTG is generic Graphical representation method, it is even can be configured for your server's health and performance, fo instance CACTI.
moreover i would be expecting from you to post step-by-step for MRTG with CISCO equipment. nice work done.
great work Sohail. Thumbs up!
Very soon this site will be famous amid all blogging viewers, due to it's pleasant content
My site; www.teenpornpost.com
replica watches, ugg boots, ralph lauren pas cher, oakley sunglasses, louis vuitton, nike roshe run, chanel handbags, burberry, kate spade outlet, louis vuitton outlet, nike outlet, longchamp, louboutin shoes, gucci outlet, ray ban sunglasses, air jordan pas cher, nike free, jordan shoes, sac longchamp, uggs on sale, louboutin, nike free, cheap oakley sunglasses, nike air max, prada outlet, air max, christian louboutin outlet, tory burch outlet, longchamp pas cher, polo ralph lauren outlet, ugg boots, polo ralph lauren outlet, louis vuitton, replica watches, nike air max, louboutin pas cher, oakley sunglasses, tiffany jewelry, oakley sunglasses, ray ban sunglasses, louis vuitton, prada handbags, michael kors, ray ban sunglasses, louis vuitton outlet, louboutin outlet, longchamp outlet, oakley sunglasses, longchamp outlet, tiffany and co
vans shoes, beats by dre, ghd, lancel, herve leger, new balance, ray ban, ralph lauren, abercrombie and fitch, celine handbags, north face outlet, birkin bag, louboutin, chi flat iron, soccer jerseys, nike air max, ferragamo shoes, mont blanc, insanity workout, hollister, jimmy choo shoes, nfl jerseys, soccer shoes, nike huarache, nike air max, nike roshe, wedding dresses, instyler, iphone cases, p90x workout, timberland boots, reebok shoes, mcm handbags, gucci, oakley, hollister, asics running shoes, valentino shoes, longchamp, converse, vans, converse outlet, baseball bats, hollister, north face outlet, bottega veneta, lululemon, babyliss, mac cosmetics, nike trainers
bottes ugg, ugg boots uk, ugg,uggs,uggs canada, canada goose uk, canada goose outlet, pandora jewelry, moncler, hollister, marc jacobs, swarovski, juicy couture outlet, replica watches, canada goose, moncler, swarovski crystal, links of london, wedding dresses, moncler outlet, thomas sabo, karen millen, pandora jewelry, moncler, montre pas cher, juicy couture outlet, ugg pas cher, louis vuitton, moncler, moncler, louis vuitton, moncler, louis vuitton, supra shoes, coach outlet, canada goose, toms shoes, ugg,ugg australia,ugg italia, moncler, doudoune canada goose, canada goose, canada goose outlet, louis vuitton, pandora charms, canada goose, sac louis vuitton pas cher, pandora charms
0813jejebasket adidas nike pas cher Les travailleurs cortez nike femme kaki de la construction sont très souvent nike air max thea camel desert tenus de porter ces air jordan 11 retro price chaussures spécialement conçues par leurs asics gel lyte 3 pas cher chine employeurs. Ceux-ci sont généralement utilisés basket nike air tn dans de nombreux tournois sportifs internationaux. air jordan pas cher discount Il a reçu une air jordan noir homme pas cher réputation rapide et est cortez nike femme or devenu l'image avec le cow-boy américain. basket nike roshe run palmier
Post a Comment