Publicado en Español

Monitor command line output from openwrt backfire using snmp

I have been using snmp to monitor Input and Output traffict from my router base on openwrt . but I want to know if if my users have a virus spamer or they use P2P on my network?, how do you find out over the time?. I can run this command any time to find out how many connections there is on the router:
root@OpenWrt:/jffs/etc# cat /proc/net/ip_conntrack | wc -l

So far so good, but i want to have historical data that can give me an idea of when the connections go up or down. Here comes the power of SNMP. First we need iptables-snmp – An snmpd plugin to access iptables rules:

opkg install iptables-snmp

Now we need to created the executable, I put files under /etc/snmp but it is a matter of taste :
root@OpenWrt:/etc/snmp# cat conntrack-count

exit `cat /proc/net/ip_conntrack | wc -l`

Now this needs to be called from the snmpd daemon. So I added on the configuration file:

config exec conntrack_count
option execname conntrack_count
option miboid
option prog ‘/etc/snmp/conntrack-count’

Reload the snmp daemon /etc/init.d/snmpd reload (you did install it did nt you? opkg install snmpd). So now if you call from a snmp client, you can see the number of connections, I use MRTG to create the graphic.

Title[router]: ip_conntrack
MaxBytes[router]: 100

Here is the output:

Before you create an exec you maybe check a ready to go snmp variables in this page: SNMP OIDs for OpenWrt and here 46 SNMP SMIv1 and v2 MIBs ( 10 SMIv1, 36 SMIv2 ) for Linux

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *