NIX Blogging

This Blog its all About Me

Tuesday, July 17, 2007

MRTG With OpenBSD



This tutorial helps you build your own MRTG server to capture traffic from your router, switch or other devices.
I'm going to keep this tutorial quick and cut the crap.

First, we need to make sure we already have these:

- gd
- mrtg
- net-snmp
- zlib
- libpng

If you already have those, let's move on. If not, you have to install them first, using packages or by downloading the binary package from their website. You can check for them with pkg_info, for example:

$ pkg_info | grep gd
gd-2.0.34 library for dynamic creation of images


Now we need to configure the snmpd.conf

$ locate snmpd.conf
/etc/snmp/snmpd.conf

# System contact
syscontact technical@mrtg.net
syslocation Jakarta
# sec.name source community (password)
com2sec MRTG 192.168.8.99 COMMUNITY

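#
# group.name sec.model sec.name
# A sec.name only gets access if a com2sec line above defines it and a
# group line maps it; MRTG only reads counters, so it goes in ROGroup.
group ROGroup V1 MRTG
group RWGroup V1 ROUTER
group ROGroup V1 LocalLan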
#
# incl/excl subtree mask
view all included .1 80
view system included system fe
#
# context sec.model sec.level prefix read write notif
access ROGroup "" V1 noauth exact all none none
access RWGroup "" V1 noauth exact all all all
access Others "" V1 noauth exact system none all
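
An added example, not part of the original post: a small shell function that checks the com2sec/group/access lines of an snmpd.conf for the settings that matter with SNMP v1 (a community that is open to any source or left at a default, write access at level noauth, and sec.names or groups that do not line up). The function name, the finding labels and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: static audit of snmpd.conf VACM lines (com2sec/group/access).
# Reads the file(s) named as arguments, or stdin; prints one finding per line.
audit_snmpd_conf() {
    awk '
    $1 == "com2sec" {        # com2sec sec.name source community
        known[$2] = 1
        if ($3 == "default" || $3 == "0.0.0.0/0")
            print "OPEN-SOURCE: " $2 " accepts queries from any address"
        if ($4 == "public" || $4 == "private")
            print "DEFAULT-COMMUNITY: " $2 " uses community " $4
    }
    $1 == "group" {          # group group.name sec.model sec.name
        used[$4] = $2; member[$2] = 1
    }
    $1 == "access" {         # access name ctx model level prefix read write notif
        rule[$2] = 1
        if ($5 == "noauth" && $8 != "none")
            print "WRITE-NOAUTH: " $2 " may write view " $8 " at level noauth"
    }
    END {
        for (s in used) if (!(s in known))
            print "UNDEFINED-SECNAME: group " used[s] " names " s ", no com2sec line"
        for (s in known) if (!(s in used))
            print "UNMAPPED-SECNAME: " s " is in no group, so it gets no access"
        for (g in rule) if (!(g in member))
            print "EMPTY-GROUP: access rule for " g " has no group line"
    }' "$@" | sort
}

# Constructed sample input (hypothetical), reusing names from the config above.
sample_conf() {
    cat <<'EOF'
com2sec MRTG 192.168.8.99 COMMUNITY
com2sec LocalLan default public
group RWGroup V1 ROUTER
group ROGroup V1 LocalLan
access ROGroup "" V1 noauth exact all none none
access RWGroup "" V1 noauth exact all all all
access Others "" V1 noauth exact system none all
EOF
}

sample_conf | audit_snmpd_conf
```

Run it against the real file with `audit_snmpd_conf /etc/snmp/snmpd.conf`; no output means none of these checks fired.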

For further info, see http://net-snmp.sourceforge.net/ .
Now we need to start snmpd:

# /usr/local/sbin/snmpd -c /etc/snmp/snmpd.conf

If you want snmpd to start automatically on boot, you need to put it in /etc/rc.local:

# echo "/usr/local/sbin/snmpd -c /etc/snmp/snmpd.conf" >> /etc/rc.local

After that we need to check whether snmpd is active or not, by doing this:

# /usr/local/bin/snmpwalk -Os -c [community-string] -v 1 [ip-number]

You have to fill in the community string and the IP number. After that you will see output like this:

bla-bla-bla ......................
snmpInTotalReqVars.0 = Counter32: 6778
snmpInTotalSetVars.0 = Counter32: 0
snmpInGetRequests.0 = Counter32: 1440
snmpInGetNexts.0 = Counter32: 1742
snmpInSetRequests.0 = Counter32: 0
snmpInGetResponses.0 = Counter32: 0
snmpInTraps.0 = Counter32: 0
snmpOutTooBigs.0 = Counter32: 0
snmpOutNoSuchNames.0 = Counter32: 0
snmpOutBadValues.0 = Counter32: 0
snmpOutGenErrs.0 = Counter32: 0
snmpOutGetRequests.0 = Counter32: 0
snmpOutGetNexts.0 = Counter32: 0
snmpOutSetRequests.0 = Counter32: 0
snmpOutGetResponses.0 = Counter32: 3192
snmpOutTraps.0 = Counter32: 0
snmpEnableAuthenTraps.0 = INTEGER: disabled(2)
snmpSilentDrops.0 = Counter32: 0
snmpProxyDrops.0 = Counter32: 0

Congrats, you just installed your snmp.


As we know, Apache is jailed (chroot-ed) in /var/www, unless you start it with the '-u' flag. So you have to make a folder at /var/www/mrtg. Now I want to capture traffic from my router (an OpenBSD router) at 192.168.8.2; I have snmp installed there. So I make another folder at /var/www/mrtg/router/, or just use the router's IP: /var/www/mrtg/192.168.8.2.

# cfgmaker --global 'WorkDir: /var/www/mrtg/192.168.8.2/' \
--global 'Options[_]:bits,growright' \
--output /var/www/mrtg/192.168.8.2/192.168.8.2.cfg \
COMMUNITY@192.168.8.2

Check that 192.168.8.2.cfg is now there (in /var/www/mrtg/192.168.8.2). Before we run it, we need to add these lines to /var/www/mrtg/192.168.8.2/192.168.8.2.cfg:

LoadMIBs: /usr/share/snmp/mibs/UCD-SNMP-MIB.txt
RunAsDaemon: Yes

# /usr/local/bin/mrtg /var/www/mrtg/192.168.8.2/192.168.8.2.cfg

You will see a lot of error output; that's normal. Now put that line in the crontab.
# crontab -e
*/5 * * * * /usr/local/bin/mrtg /var/www/mrtg/192.168.8.2/192.168.8.2.cfg

Save your work, and it will run every 5 minutes (see man crontab). Now we need an index.html so we can easily access it from the browser. Run this command to make your index:

# indexmaker --output=/var/www/mrtg/192.168.8.2/index.html /var/www/mrtg/192.168.8.2/192.168.8.2.cfg

Whamm, now you have your own index.html in /var/www/mrtg/192.168.8.2.
Now all we need is to configure httpd.conf, and you are ready to go.

*PS: You need to install snmp on every machine you want to capture from; it is done the same way.

