1.首先安需要的套件
yum -y install gcc perl gd libpng zlib mrtg
因為MRTG是走SNMP協定,所以SERVER需要安裝SNMP套件,
我先用 rpm -qa | grep snmp 來查一下是否有安裝,
我這部SERVER是有安裝snmp的,如果沒有,
可以下 yum install net-snmp net-snmp-utils 來安裝再來設定snmp,vi /etc/snmp/snmpd.conf
在該檔案加入這兩行
view systemview included .1.3.6.1.2.1.2.2.1.10
view systemview included .1.3.6.1.2.1.2.2.1.16
#附註說明
1.3.6.1.2.1.2.2.1.10.2 是 eth0 流入量
1.3.6.1.2.1.2.2.1.16.2 是 eth0 的流出量
之後重啟snmp
service snmpd restart
#附註說明 如果偵測設備時出現錯誤,可以考慮將snmpd.cfg 裡面的內容置換成 以下
####
# First, map the community name "public" into a "security name"
# sec.name source community
com2sec notConfigUser default public
####
# Second, map the security name into a group name:
# groupName securityModel securityName
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
####
# Third, create a view for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional)
view all included .1 80
view systemview included .1.3.6.1.2.1.2
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25
view systemview included .1.3.6.1.4.1.2021
####
# Finally, grant the group read-only access to the systemview view.
# group context sec.model sec.level prefix read write notif
access notConfigGroup "" any noauth exact systemview none none
# -----------------------------------------------------------------------------
# Here is a commented out example configuration that allows less
# restrictive access.
# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO
# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.
## sec.name source community
com2sec local localhost COMMUNITY
com2sec mynetwork 203.68.102.0/24 COMMUNITY
## group.name sec.model sec.name
group MyRWGroup any local
group MyROGroup any mynetwork
#
#group MyRWGroup any otherv3user
#...
## incl/excl subtree mask
view all included .1 80
## -or just the mib2 tree-
view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc
## context sec.model sec.level prefix read write notif
access MyROGroup "" any noauth 0 all none none
access MyRWGroup "" any noauth 0 all all all
###############################################################################
# Sample configuration to make net-snmpd RFC 1213.
# Unfortunately v1 and v2c don't allow any user based authentification, so
# opening up the default config is not an option from a security point.
#
# WARNING: If you uncomment the following lines you allow write access to your
# snmpd daemon from any source! To avoid this use different names for your
# community or split out the write access to a different community and
# restrict it to your local network.
# Also remember to comment the syslocation and syscontact parameters later as
# otherwise they are still read only (see FAQ for net-snmp).
#
# First, map the community name "public" into a "security name"
# sec.name source community
com2sec notConfigUser default public
# Second, map the security name into a group name:
# groupName securityModel securityName
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
# Third, create a view for us to let the group have rights to:
# Open up the whole tree for ro, make the RFC 1213 required ones rw.
# name incl/excl subtree mask(optional)
view roview included .1
view rwview included system.sysContact
view rwview included system.sysName
view rwview included system.sysLocation
view rwview included interfaces.ifTable.ifEntry.ifAdminStatus
view rwview included at.atTable.atEntry.atPhysAddress
view rwview included at.atTable.atEntry.atNetAddress
view rwview included ip.ipForwarding
view rwview included ip.ipDefaultTTL
view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteDest
view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex
view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric1
view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric2
view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric3
view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric4
view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteType
view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteAge
view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMask
view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric5
view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex
view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress
view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaNetAddress
view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaType
view rwview included tcp.tcpConnTable.tcpConnEntry.tcpConnState
view rwview included egp.egpNeighTable.egpNeighEntry.egpNeighEventTrigger
view rwview included snmp.snmpEnableAuthenTraps
# Finally, grant the group read-only access to the systemview view.
# group context sec.model sec.level prefix read write notif
access notConfigGroup "" any noauth exact roview rwview none
###############################################################################
# System contact information
#
# It is also possible to set the sysContact and sysLocation system
# variables through the snmpd.conf file:
syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root (configure /etc/snmp/snmp.local.conf)
# Example output of snmpwalk:
# % snmpwalk -v 1 localhost -c public system
# system.sysDescr.0 = "SunOS name sun4c"
# system.sysObjectID.0 = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4
# system.sysUpTime.0 = Timeticks: (595637548) 68 days, 22:32:55
# system.sysContact.0 = "Me "
# system.sysName.0 = "name"
# system.sysLocation.0 = "Right here, right now."
# system.sysServices.0 = 72
###############################################################################
# Logging
#
# We do not want annoying "Connection from UDP: " messages in syslog.
# If the following option is commented out, snmpd will print each incoming
# connection, which can be useful for debugging.
dontLogTCPWrappersConnects yes
# -----------------------------------------------------------------------------
###############################################################################
# disk checks
#
# The agent can check the amount of available disk space, and make
# sure it is above a set limit.
# disk PATH [MIN=100000]
#
# PATH: mount path to the disk in question.
# MIN: Disks with space below this value will have the Mib's errorFlag set.
# Default value = 100000.
# Check the / partition and make sure it contains at least 10 megs.
disk / 10000
# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.9
# enterprises.ucdavis.diskTable.dskEntry.diskIndex.1 = 0
# enterprises.ucdavis.diskTable.dskEntry.diskPath.1 = "/" Hex: 2F
# enterprises.ucdavis.diskTable.dskEntry.diskDevice.1 = "/dev/dsk/c201d6s0"
# enterprises.ucdavis.diskTable.dskEntry.diskMinimum.1 = 10000
# enterprises.ucdavis.diskTable.dskEntry.diskTotal.1 = 837130
# enterprises.ucdavis.diskTable.dskEntry.diskAvail.1 = 316325
# enterprises.ucdavis.diskTable.dskEntry.diskUsed.1 = 437092
# enterprises.ucdavis.diskTable.dskEntry.diskPercent.1 = 58
# enterprises.ucdavis.diskTable.dskEntry.diskErrorFlag.1 = 0
# enterprises.ucdavis.diskTable.dskEntry.diskErrorMsg.1 = ""
# -----------------------------------------------------------------------------
搞定SNMP後,接下來處理MRTG的設定...
有兩種方式可以產生cfg檔案:
方法1.使用cfgmaker 自動產生檔案 (強烈推薦!!)
若要針對大量的網路設備去偵測的話,建議使用cfgmaker來自動產生 cfg檔案
方法如下:
cfgmaker SNMP Community String@L2_Switch_IP --output=產生cfg檔案的路徑
如
cfgmaker Dorm@140.129.88.7 --output=/etc/mrtg/dorm.cfg
以上的意思是說 我針對140.129.88.7這台網路設備(通常是 Switch)去執行cfgmaker,
產生出來的檔案為/etc/mrtg/dorm.cfg,
而140.129.88.7 這台設備的SNMP Community String是Dorm (我用的SNMP Community String是Dorm,預設通常為public(因 SNMP是標準協定,所有的網路設備商通用的SNMP Community String為public),但是一般的網管人員會將網路設備的SNMP Community String改掉(像我們為了資安理由,就將public改了,避免有心人進去查到設備資訊))
方法2.自行編輯 MRTG 設定檔
編輯 /etc/mrtg/mrtg.cfg , 內容只要有下面即可
Target[eth0]: 2:public@127.0.0.1
MaxBytes[eth0]: 1250000
Options[eth0]:growright, bits #(用在網路流量中)
Title[eth0]: Traffic Analysis
PageTop[eth0]:<h1> 127.0.0.7</h1>
如果要新增其他設備,就繼續編輯mrtg.cfg
Target[Dorm]: Switch_Port:SNMP Community String@L2_Switch_IP
MaxBytes[Dorm]: 1250000
Options[Dorm]:growright, bits
Title[Dorm]: Traffic Analysis
PageTop[Dorm]: <H1>學生宿舍</H1>
#參數說明: 其中Target 的參數主要是說要針對哪一個設備去抓資料,
上述設定的Target[eth0]: 2:public@127.0.0.1 是說我針對本機端的第2Port(即網路卡)去抓流量,
像宿舍流量: Target[Dorm]: 4:Dorm@140.129.88.7 這一段的意義是:我針對140.129.88.7這部設備的第4Port去抓資料,用的 SNMP Community String 是當初我所設定的 Dorm...
上述設定的Target[eth0]: 2:public@127.0.0.1 是說我針對本機端的第2Port(即網路卡)去抓流量,
像宿舍流量: Target[Dorm]: 4:Dorm@140.129.88.7 這一段的意義是:我針對140.129.88.7這部設備的第4Port去抓資料,用的 SNMP Community String 是當初我所設定的 Dorm...
同時修改一下工作網頁,因為我預設的網頁路徑是 /var/www/html/mrtg ,所以要找到
HtmlDir 與 ImageDir改為以下
HtmlDir: /var/www/html/mrtg
ImageDir: /var/www/html/mrtg
Refresh: 300 #網頁設定每300秒更新一次
Interval: 10 #每10秒讀取設定檔
Language: big5 #語系big 5
Options[ _ ]: growright #由右邊畫起
這兩個照預設值就可以了
其他參數說明:
1.如果沒有mrtg的目錄,請記得先用mkdir /var/www/html/mrtg 來生成該目錄
2.如果Apache 重新啟動後發現mrtg網頁進不去,請確認一下/etc/httpd/conf.d/mrtg.cfg中的
Alias /mrtg /var/www/html/mrtg 路徑是否有誤!!! 更改後記得重啟Apache
public 前面的數字可用下面偵測, 一般 eth0 代號是 2
ip link
執行 3 次下面指令, 產生基本網頁
代碼:
env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
產生網頁,產生在 /var/www/html/mrtg/ 下
indexmaker /etc/mrtg/mrtg.cfg > /var/www/html/mrtg/index.html
透過cronatb設定每2分鐘跑一次上一個指令
crontab -e*/2 * * * * root env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg > /dev/null 2>&1
產生之後,可以透過Winscp 來看一下工作目錄
你會發現其實他是透過剛剛我們寫的croontab 來將設備流量產生成圖片,eth0.html這個網頁就是將圖片資料顯示出來的頁面而已,如果要修改成自己的網頁,那就自己寫html,把圖片帶進去就可以了...
沒有留言:
張貼留言