Re: logging traffic from router running DD-WRT

Jeff Liebermann wrote:
> George <george@nospam.invalid> hath wroth:
>
>> I have a WHR-G54S running v24 beta. We will have a few visitors (family)
>> that will be bringing notebooks. I want to avoid p2p issues so I have
>> experimented with the p2p filtering which seems to work but I also would
>> like to log the traffic because I want to see if it really works.
>>
>> I have rflow collector running and it has the info I need but the info
>> isn't stored. I installed MySQL and set up the tables exactly like they
>> are noted in Rflow collector only very little is getting written to the
>> database. Googling tells me that this is a common thing and it needs
>> more polishing.
>
> Make sure you have the rstats daemon enabled:
> Administration -> Services -> Rstats -> Enable
Rflow & MACupd are enabled. That doesn't seem to be the issue since
Rflow collector is showing lots of data.
>
>> Anyone use other logging applications that have good reporting that work
>> with DD-WRT?
>
> What data are you interested in logging?
I want to log traffic from/to LAN IPs (what they connected to, how
much data was moved and a timestamp). Rflow collector is showing all of
that but just doesn't save it.
>
> For RFLOW, did you use these instructions?
> <http://www.dd-wrt.com/wiki/index.php/Using_RFlow_Collector_and_MySQL_To_Gather_Traffic_Information>
> I had it working on v23 SP2 with MySQL 4.1(?) on SUSE 9.3(old), but
> haven't tried it on the latest versions. In theory, any NETFLOW
> analyzer will work. Use Google, there are plenty to choose from.
> <http://en.wikipedia.org/wiki/Netflow>
That's what I used. Only I am running MySQL 5 and have authentication
compatibility turned on so Rflow Collector can authenticate.
It authenticates but writes almost nothing into the DB. I don't know how
to determine what is broken. It could be because I am running DD-WRT v24.
>
> I didn't use NETFLOW and instead decided to use SNMP to log traffic.
> If all you want is aggregate traffic by IP, I suggest MRTG, PRTG (4
> users max), or RRDTool (Linux or Cygwin). These look useful:
> <http://www.dd-wrt.com/wiki/index.php/Multi_Router_Traffic_Grapher>
> <http://www.engadget.com/2006/08/01/how-to-measure-your-bandwidth-with-snmp/>
Thanks but I was shooting for more detail.
>
> However, before you dive into SNMP, you should have some kind of
> debugging tools available. I use snmputil.exe and GetIF 2.3.1. I
> covered these in a previous posting at:
> <http://groups.google.com/group/alt.internet.wireless/msg/8c28d081e3c32f21>
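Added example, not part of the original thread or of DD-WRT's own tooling: a small collector that records per-flow source, destination, byte count and timestamp, the fields the poster wants kept. It assumes the router's RFlow export is NetFlow v5 over UDP and uses SQLite in place of MySQL; the port 2055, the file name `flows.db`, the function names and the sample datagram are all constructed for illustration.

```python
import socket
import sqlite3
import struct

HEADER = struct.Struct("!HHIIIIBBH")                # 24-byte NetFlow v5 header
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # 48-byte v5 flow record

def parse_v5(datagram):  # one export datagram -> list of flow dicts
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than a v5 header")
    version, count, uptime_ms, unix_secs, *_ = HEADER.unpack_from(datagram)
    if version != 5 or len(datagram) < HEADER.size + count * RECORD.size:
        raise ValueError("not a complete NetFlow v5 datagram")
    flows = []
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        ts = unix_secs - (uptime_ms - f[8]) / 1000.0  # f[8]: uptime (ms) at last packet
        flows.append({"ts": ts, "src": socket.inet_ntoa(f[0]), "dst": socket.inet_ntoa(f[1]),
                      "sport": f[9], "dport": f[10], "proto": f[13],
                      "packets": f[5], "bytes": f[6]})
    return flows

def store(db, flows):
    db.execute("CREATE TABLE IF NOT EXISTS flows (ts REAL, src TEXT, dst TEXT, "
               "sport INT, dport INT, proto INT, packets INT, bytes INT)")
    db.executemany("INSERT INTO flows VALUES "
                   "(:ts,:src,:dst,:sport,:dport,:proto,:packets,:bytes)", flows)
    db.commit()

def bytes_by_host(db):
    return dict(db.execute("SELECT src, SUM(bytes) FROM flows GROUP BY src"))

def sample_datagram():  # constructed input: two flows from made-up LAN hosts
    def rec(src, dst, pkts, octets, sport, dport, proto):
        return RECORD.pack(socket.inet_aton(src), socket.inet_aton(dst), bytes(4),
                           1, 0, pkts, octets, 590_000, 599_000, sport, dport,
                           0, 0, proto, 0, 0, 0, 0, 0, 0)
    return (HEADER.pack(5, 2, 600_000, 1_200_000_000, 0, 1, 0, 0, 0)
            + rec("192.168.1.101", "198.51.100.7", 10, 4200, 51000, 443, 6)
            + rec("192.168.1.102", "203.0.113.9", 3, 300, 6881, 6881, 17))

if __name__ == "__main__":
    db = sqlite3.connect("flows.db")
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("0.0.0.0", 2055))  # assumed port; use the one set on the router
    while True:
        try:
            store(db, parse_v5(sock.recv(65535)))
        except ValueError as err:
            print("dropped datagram:", err)
```

Dropped-datagram messages from the listener are a quick way to tell whether the router is sending something other than v5, which separates an export problem from a database problem.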