Appendix
- AWStats - log file analysis
- AWStats for apache
- AWStats for vsftp
- AWStats for sendmail
- MRTG - network traffic monitoring
- ntop - network traffic monitoring
- Simple firewall setup
AWStats
AWStats official website: http://awstats.sourceforge.net/
cd
wget http://nchc.dl.sourceforge.net/sourceforge/awstats/awstats-6.6.tar.gz
tar zxvf awstats-6.6.tar.gz
rm -rf awstats-6.6.tar.gz
mv awstats-6.6 /usr/local/awstats
ln -s /usr/local/awstats /usr/share/awstats
cd /usr/local/awstats/tools
AWStats for apache
Generate the AWStats configuration file for analysing the Apache log
perl awstats_configure.pl
----- AWStats awstats_configure 1.0 (build 1.6) (c) Laurent Destailleur -----
This tool will help you to configure AWStats to analyze statistics for
one web server. You can try to use it to let it do all that is possible
in AWStats setup, however following the step by step manual setup
documentation (docs/index.html) is often a better idea. Above all if:
- You are not an administrator user,
- You want to analyze downloaded log files without web server,
- You want to analyze mail or ftp log files instead of web log files,
- You need to analyze load balanced servers log files,
- You want to 'understand' all possible ways to use AWStats...
Read the AWStats documentation (docs/index.html).
-----> Running OS detected: Linux, BSD or Unix
-----> Check for web server install
Enter full config file path of your Web server.
Example: /etc/httpd/httpd.conf
Example: /usr/local/apache2/conf/httpd.conf
Example: c:\Program files\apache group\apache\conf\httpd.conf
Config file path ('none' to skip web server setup):
> /etc/httpd/conf/httpd.conf
# Enter the path of the web server configuration file
-----> Check and complete web server config file '/etc/httpd/conf/httpd.conf'
AWStats directives already present.
-----> Update model config file '/etc/awstats/awstats.model.conf'
File awstats.model.conf updated.
-----> Need to create a new config file ?
Do you want me to build a new AWStats config/profile
file (required if first install) [y/N] ? y
# Enter y to create a new AWStats configuration file
-----> Define config file name to create
What is the name of your web site or profile analysis ?
Example: www.mysite.com
Example: demo
Your web site, virtual server or profile name:
> www
# Enter www as the name of the configuration file; you may choose any name
-----> Define config file path
In which directory do you plan to store your config file(s) ?
Default: /etc/awstats
Directory path to store config file(s) (Enter for default):
>
# Just press Enter to store the configuration file in the default directory
-----> Create config file '/etc/awstats/awstats.www.conf'
Config file /etc/awstats/awstats.www.conf created.
-----> Restart Web server with '/sbin/service httpd restart'
停止 httpd: [ 確定 ]
啟動 httpd: [ 確定 ]
-----> Add update process inside a scheduler
Sorry, configure.pl does not support automatic add to cron yet.
You can do it manually by adding the following command to your cron:
/usr/local/awstats/wwwroot/cgi-bin/awstats.pl -update -config=www
Or if you have several config files and prefer having only one command:
/usr/local/awstats/tools/awstats_updateall.pl now
Press ENTER to continue...
A SIMPLE config file has been created: /etc/awstats/awstats.www.conf
You should have a look inside to check and change manually main parameters.
You can then manually update your statistics for 'www' with command:
> perl awstats.pl -update -config=www
You can also read your statistics for 'www' with URL:
> http://localhost/awstats/awstats.pl?config=www
Press ENTER to finish...
chmod 755 /usr/local/awstats
mkdir /var/lib/awstats
Edit the configuration file
cp /etc/awstats/awstats.www.conf /etc/awstats/awstats.www.conf.bak
vi /etc/awstats/awstats.www.conf
Line 51: LogFile="/var/log/httpd/mylog.log" change to --> LogFile="/var/log/httpd/access_log"
Line 153: SiteDomain="www" change to --> SiteDomain="xxx.xxx.edu.tw"
Line 188: DNSLookup=2 change to --> DNSLookup=1
/usr/local/awstats/wwwroot/cgi-bin/awstats.pl -config=www -update
/etc/rc.d/init.d/httpd restart
Test: http://IP/awstats/awstats.pl?config=www
AWStats for vsftp
Generate the AWStats configuration file for analysing the vsftp log
vi /etc/awstats/awstats.ftp.conf
LogFile="/var/log/xferlog"
LogType=F
LogFormat="%time3 %other %host %bytesd %url %other %other %method %other %logname %other %code %other %other"
LogSeparator="\s"
SiteDomain="xxx.xxx.edu.tw"
HostAliases="192.168.1.1 localhost 127.0.0.1"
DNSLookup=1
DirData="/var/lib/awstats"
DirIcons="/awstatsicons"
AllowToUpdateStatsFromBrowser=0
NotPageList=""
LevelForBrowsersDetection=0
LevelForOSDetection=0
LevelForRefererAnalyze=0
LevelForRobotsDetection=0
LevelForWormsDetection=0
LevelForSearchEnginesDetection=0
ShowLinksOnUrl=0
ShowMenu=1
ShowMonthStats=UVHB
ShowDaysOfMonthStats=HB
ShowDaysOfWeekStats=HB
ShowHoursStats=HB
ShowDomainsStats=HB
ShowHostsStats=HBL
ShowAuthenticatedUsers=HBL
ShowRobotsStats=0
ShowEMailSenders=0
ShowEMailReceivers=0
ShowSessionsStats=1
ShowPagesStats=PBEX
ShowFileTypesStats=HB
ShowFileSizesStats=0
ShowBrowsersStats=0
ShowOSStats=0
ShowOriginStats=0
ShowKeyphrasesStats=0
ShowKeywordsStats=0
ShowMiscStats=0
ShowHTTPErrorsStats=0
ShowSMTPErrorsStats=0
/usr/local/awstats/wwwroot/cgi-bin/awstats.pl -update -config=ftp
Test: http://IP/awstats/awstats.pl?config=ftp
AWStats for sendmail
Generate the AWStats configuration file for analysing the sendmail log
vi /etc/awstats/awstats.mail.conf
LogFile="perl /usr/share/awstats/tools/maillogconvert.pl standard < /var/log/maillog |"
LogType=M
LogFormat="%time2 %email %email_r %host %host_r %method %url %code %bytesd"
LevelForBrowsersDetection=0
LevelForOSDetection=0
LevelForRefererAnalyze=0
LevelForRobotsDetection=0
LevelForWormsDetection=0
LevelForSearchEnginesDetection=0
LevelForFileTypesDetection=0
AllowToUpdateStatsFromBrowser=0
SiteDomain="xxx.xxx.edu.tw"
HostAliases="192.168.1.1 localhost 127.0.0.1"
DirData="/var/lib/awstats"
DirIcons="/awstatsicons"
ShowMenu=1
ShowMonthStats=HB
ShowDaysOfMonthStats=HB
ShowDaysOfWeekStats=HB
ShowHoursStats=HB
ShowDomainsStats=0
ShowHostsStats=HBL
ShowAuthenticatedUsers=0
ShowRobotsStats=0
ShowEMailSenders=HBML
ShowEMailReceivers=HBML
ShowSessionsStats=0
ShowPagesStats=0
ShowFileTypesStats=0
ShowFileSizesStats=0
ShowBrowsersStats=0
ShowOSStats=0
ShowOriginStats=0
ShowKeyphrasesStats=0
ShowKeywordsStats=0
ShowMiscStats=0
ShowHTTPErrorsStats=0
ShowSMTPErrorsStats=1
/usr/local/awstats/wwwroot/cgi-bin/awstats.pl -update -config=mail
Test: http://IP/awstats/awstats.pl?config=mail
AWStats module for Webmin:
Install: Webmin / Webmin Configuration / Webmin Modules / From local file
Module location: /usr/share/awstats/tools/webmin/awstats-1.7.wbm
Configuration:
System / AWStats Logfile Analyzer / Module Config:
Absolute filesystem path to AWStats update statistics command:
/usr/local/awstats/wwwroot/cgi-bin/awstats.pl
Absolute or relative URL path to AWStats CGI: http://IP/awstats/awstats.pl
Sample AWStats configuration file: /usr/local/awstats/wwwroot/cgi-bin/awstats.model.conf
Scheduled update:
vi /etc/crontab
0 4 * * * root /usr/bin/perl /usr/local/awstats/tools/awstats_updateall.pl now >/dev/null 2>&1
AWStats official documentation: http://awstats.sourceforge.net/docs/index.html
w3m /usr/local/awstats/docs/index.html
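The crontab entry above runs the AWStats update as root, and a LogFile value ending in "|" (as in the sendmail profile) is a command that the update executes, so the profile files deserve a permission check. The script below is an added example, not code from this page or from AWStats; the function names and finding labels are made up for it, and the sample profile is constructed from the page's mail settings.

```shell
#!/bin/sh
# Added example (not AWStats code): audit one AWStats profile.

# audit_awstats_conf FILE
# Prints one finding per line; prints nothing for a clean profile.
audit_awstats_conf() {
    conf=$1
    # awstats.pl runs from root's crontab, and a LogFile value ending in "|"
    # is executed as a command, so only the owner may be able to edit it.
    if [ -n "$(find "$conf" \( -perm -020 -o -perm -002 \) 2>/dev/null)" ]; then
        echo "WRITABLE_BY_NON_OWNER"
    fi
    # Informational: this profile already runs a command at update time.
    if grep -Eq '^[[:space:]]*LogFile[[:space:]]*=[[:space:]]*".*\|[[:space:]]*"' "$conf"; then
        echo "PIPED_LOGFILE"
    fi
    # The page sets this to 0; 1 lets any visitor of the CGI start an update.
    if grep -Eq '^[[:space:]]*AllowToUpdateStatsFromBrowser[[:space:]]*=[[:space:]]*1' "$conf"; then
        echo "BROWSER_UPDATE_ENABLED"
    fi
    return 0
}

# Constructed sample: lines from the page's mail profile, left group-writable.
make_sample_profile() {
    dir=$(mktemp -d)
    cat > "$dir/awstats.mail.conf" <<'EOF'
LogFile="perl /usr/share/awstats/tools/maillogconvert.pl standard < /var/log/maillog |"
LogType=M
AllowToUpdateStatsFromBrowser=0
EOF
    chmod 664 "$dir/awstats.mail.conf"
    echo "$dir/awstats.mail.conf"
}

sample=$(make_sample_profile)
audit_awstats_conf "$sample"
rm -rf "$(dirname "$sample")"
```

On the server itself, call audit_awstats_conf on each /etc/awstats/awstats.*.conf file; any WRITABLE_BY_NON_OWNER finding is fixed with chmod 644 and root ownership.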
MRTG - Multi Router Traffic Grapher
MRTG official website: http://oss.oetiker.ch/mrtg/
yum -y install net-snmp mrtg gd libpng zlib
Generate the configuration file:
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak
vi /etc/snmp/snmpd.conf
com2sec local localhost public
com2sec mynetwork 192.168.1.0/24 public
group MyRWGroup any local
group MyROGroup any mynetwork
group MyRWGroup any otherv3user
view all included .1 80
access MyROGroup "" any noauth 0 all none none
access MyRWGroup "" any noauth 0 all all all
syslocation CentOS 4.4
syscontact sysadm <sysadm@xxx.xxx.edu.tw>
Start snmpd:
/etc/rc.d/init.d/snmpd start
chkconfig snmpd on
Create the directory that will hold the web pages:
mkdir /var/www/mrtg/web
Generate mrtg.cfg:
cfgmaker --global 'WorkDir: /var/www/mrtg/web' \
--global 'Options[_]: growright' \
--output /etc/mrtg/mrtg.cfg \
public@IP
Edit mrtg.cfg:
cp /etc/mrtg/mrtg.cfg /etc/mrtg/mrtg.cfg.bak
vi /etc/mrtg/mrtg.cfg
# Below line 20, the Options[_]: growright line, add
Language:big5
Note: edit the contents of this file (if needed)
Generate the web pages:
env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
# Run it three times
Generate the index page:
If several machines are monitored, an index page can hold the graphs for all of them
cd /var/www/mrtg/web
indexmaker /etc/mrtg/mrtg.cfg > index.html
Set which clients may browse the pages:
cp /etc/httpd/conf.d/mrtg.conf /etc/httpd/conf.d/mrtg.conf.bak
vi /etc/httpd/conf.d/mrtg.conf
Alias /mrtg /var/www/mrtg
<Location /mrtg>
Order deny,allow
Deny from all
Allow from 127.0.0.1 change to --> Allow from 192.168.1.0/255.255.255.0
Allow from ::1
# Allow from .example.com
</Location>
/etc/rc.d/init.d/httpd restart
Test: http://IP/mrtg/web/
more /etc/cron.d/mrtg
MRTG official documentation: http://oss.oetiker.ch/mrtg/doc/
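The snmpd.conf above maps the community string public to MyRWGroup, whose access line grants a write view at the noauth level, while MRTG only reads counters. The check below is an added example, not part of the original page or of net-snmp: it parses the com2sec, group and access lines and reports both conditions; the function names and finding labels are made up for it.

```shell
#!/bin/sh
# Added example (not net-snmp code): audit the VACM lines of an snmpd.conf.

# audit_snmpd_conf FILE
# Prints DEFAULT_COMMUNITY for well-known community strings and
# UNAUTHENTICATED_WRITE for communities mapped to a group whose
# noauth access line names a write view other than "none".
audit_snmpd_conf() {
    awk '
    $1 == "com2sec" { n++; sec[n] = $2; src[n] = $3; comm[n] = $4 }
    $1 == "group"   { g++; grp[g] = $2; member[g] = $4 }
    # access GROUP CONTEXT MODEL LEVEL PREFIX READ WRITE NOTIFY
    $1 == "access" && $5 == "noauth" && $8 != "none" { writable[$2] = 1 }
    END {
        for (i = 1; i <= n; i++) {
            if (comm[i] == "public" || comm[i] == "private")
                print "DEFAULT_COMMUNITY " sec[i] " " src[i]
            for (j = 1; j <= g; j++)
                if (member[j] == sec[i] && (grp[j] in writable))
                    print "UNAUTHENTICATED_WRITE " sec[i] " " src[i] " " grp[j]
        }
    }' "$1"
}

# The access-control lines from the page, written to a temporary file.
page_snmpd_conf() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
com2sec local localhost public
com2sec mynetwork 192.168.1.0/24 public
group MyRWGroup any local
group MyROGroup any mynetwork
group MyRWGroup any otherv3user
view all included .1 80
access MyROGroup "" any noauth 0 all none none
access MyRWGroup "" any noauth 0 all all all
EOF
    echo "$f"
}

conf=$(page_snmpd_conf)
audit_snmpd_conf "$conf"
rm -f "$conf"
```

Both findings clear once the community string is site-specific and the write view is none; the community given to cfgmaker (public@IP) then has to change to match.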
ntop
ntop official website: http://www.ntop.org/
Install:
yum -y install glib
cd
wget http://dag.wieers.com/rpm/packages/ntop/ntop-3.2-2.el5.rf.i386.rpm
rpm -ivh ntop-3.2-2.el5.rf.i386.rpm
rm -rf ntop-3.2-2.el5.rf.i386.rpm
Set a password for ntop: this command sets the admin password
/usr/bin/ntop -P /var/ntop -u ntop -A
Configure:
vi /etc/ntop.conf
Line 36: --use-syslog change to --> #--use-syslog
Start:
/etc/rc.d/init.d/ntop start
chkconfig ntop on
Test: http://IP:3000
ntop official documentation: http://www.ntop.org/documentation.html
Simple firewall setup
Check which services are listening:
yum -y install nmap
nmap localhost
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-04-18 08:44 CST
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 1669 closed ports
PORT STATE SERVICE
21/tcp open ftp # related to the FTP server
22/tcp open ssh # related to SSH encrypted connections
25/tcp open smtp # related to Sendmail mail delivery
80/tcp open http # related to the web server
110/tcp open pop3 # related to Dovecot POP offline mail retrieval
139/tcp open netbios-ssn # related to Samba
199/tcp open smux # related to SNMP, used by MRTG
443/tcp open https # related to encrypted web traffic
445/tcp open microsoft-ds # related to Samba
3000/tcp open ppp # related to ntop
3128/tcp open squid-http # related to the proxy
3306/tcp open mysql # related to the MySQL database
10000/tcp open snet-sensor-mgmt # related to Webmin
Nmap run completed -- 1 IP address (1 host up) scanned in 1.149 seconds
#
Only services that are actually needed should be running; use the ntsysv command to choose which services start at boot
Firewall setup:
iptables -L
system-config-securitylevel-tui
Figure 1, Figure 2
pop3:tcp https:tcp squid:tcp 3000:tcp 10000:tcp
# Open only the services you need
iptables -L
chkconfig iptables on
Note: if any service has connection problems later on, remember to turn the firewall off first and then debug, to avoid confusion
/etc/rc.d/init.d/iptables stop
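A scan of localhost travels over the loopback interface, so the nmap result above lists what is listening, not what the firewall lets through. The script below is an added example, not part of the original page: it compares that listing with the ports meant to be reachable and prints the rest. The ALLOWED list is an assumption built from the extra ports named above plus FTP, SSH, SMTP and HTTP, because the two figures are not available.

```shell
#!/bin/sh
# Added example: list open ports that are not on the intended-exposure list.

# unexpected_open_ports "PORT/PROTO ..."   (nmap text output on stdin)
# Prints "PORT/PROTO SERVICE" for each open port missing from the list.
unexpected_open_ports() {
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    # Port table rows look like "3306/tcp open mysql"; skip everything else.
    $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" && !($1 in ok) { print $1, $3 }
    '
}

# Assumed allowlist: the services this example takes as opened in the firewall.
ALLOWED="21/tcp 22/tcp 25/tcp 80/tcp 110/tcp 443/tcp 3000/tcp 3128/tcp 10000/tcp"

# The scan result from the page, without the annotations.
page_nmap_output() {
    cat <<'EOF'
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 1669 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
110/tcp open pop3
139/tcp open netbios-ssn
199/tcp open smux
443/tcp open https
445/tcp open microsoft-ds
3000/tcp open ppp
3128/tcp open squid-http
3306/tcp open mysql
10000/tcp open snet-sensor-mgmt
EOF
}

page_nmap_output | unexpected_open_ports "$ALLOWED"
```

Each port it prints is a service that is running but not meant to be reachable: either switch it off with ntsysv if it is unused, or confirm with iptables -L that no rule accepts it.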