Configuring MRTG and NET-SNMP for monitoring Linux System Parameters

Configuration:
MRTG ver. 2.97
Net-SNMP ver. 4.2.6
OS : RedHat Linux 7.3

This doc should help you with configuring a RedHat Linux box for monitoring system parameters (local/remote), using Net-SNMP and MRTG.

About MRTG and Net-SNMP

MRTG (Multi-Router Traffic Grapher)
The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network-links. MRTG generates HTML pages containing graphical images which provide a LIVE visual representation of this traffic.
Check http://www.ee.ethz.ch/stats/mrtg/ for an example.
MRTG is based on Perl and C and works under UNIX and Windows NT.
MRTG is being successfully used on many sites around the net

Net-SNMP

Net-SNMP is a collection of various tools relating to the Simple Network Management Protocol including:

* An extensible agent
* An SNMP library
* tools to request or set information from SNMP agents
* tools to generate and handle SNMP traps
* a version of the unix ‘netstat’ command using SNMP
* a graphical Perl/Tk/SNMP based mib browser

Continue reading Configuring MRTG and NET-SNMP for monitoring Linux System Parameters

DishNet DSL, Aztech DSL Turbo 100U and RedHat Linux

Aztech 100U DSL USB modem is widely used in India by DishNET DSL to provide DSL connectivity. In order to use their DSL service on Linux, two steps are required:
1) Installing/configuring the driver to work under linux
2) To make the DSL modem connect to the provider.

OS Configuration: RedHat linux 8.0

1) Installing/configuring the driver
a. download the driver from http://eciadsl.flashtux.org/eciadsl-usermode-cvs.tar.gz
b. untar it and run the configuration script (refer README/INSTALL for more details.
c. provide the following details when prompted:
Vid1/Pid1 : 0509 / 0801
Vid2/Pid2 : 0915 / 0802
VPI/VCI : 0/32
d. run the startmodem script. If configured properly, you would be seeing the modem working.

Installing Spamassassin for filtering Spam

Note: This document is only for per-user configuration of spamassassin

Configuration: RedHat Linux 7.2, Sendmail 8.12.6, procmail 3.21, SpamAssassin 2.43 ( and you will have to be connected to the internet)

Installing the prerequisites:
Spam assassin depends on other perl modules. The complete SpamAssassin package along with its dependent modules can be installed using CPAN:
as root:
# perl -MCPAN -e shell
install Mail::SpamAssassin
quit

If CPAN has been configured properly, this should be a successfull install. SpamAssassin is now installed in /usr/bin/SpamAssassin.

We would be using procmail to filter messages. Due to sendmail’s security feature, we would have to create a symlink to procmail in the director /usr/adm/sm.bin
# cd /usr/adm/sm.bin
# ln -s /usr/bin/procmail ./procmail
( sendmail executes the programs, only when they are symlinked to, in /usr/admin/sm.bin)

Configuring SpamAssassin ( for user, say, ram)
1) Make sure that your home root directory ( /home) and your home directory ( /home/ram) is not group writable.
2) create a file in your home directory, ~ram/.forward, and add the follwing to it:
“|/usr/bin/procmail -f- #ram”

3) now, this ~ram/.forward file should have permission of 700
4) create a file called spams in your home directory
5) create file, ~ram/.procmailrc with the following content:
:0fw
| /usr/bin/spamassassin
:0
* ^^rom[ ]
{
LOG=”*** Dropped F off From_ header! Fixing up. ”

:0 fhw
| sed -e ‘1s/^/F/’
}

( Here, we are processing the incoming mail using SpamAssassin, and if the mail is marked by SpamAssassin as a spam, we move it to a file called spams. The third rule is a workaround for a bug in procmail 3.21)

6) Send a test mail to yourself. you should now see the following in your mail header:
X-Spam-Status: No, hits=2.6 required=5.0
tests=FROM_AND_TO_SAME_1,NO_REAL_NAME,SPAM_PHRASE_00_01
version=2.43
X-Spam-Level: **
X-UIDL: 5,@!!fXk!!`Cm”!6?l”!M

7) You can now configure your mail client to parse the headers and check for X-spam-Status = Yes, throw into a seperate folder , or use procmail to do it, by adding:
:0:
* ^X-Spam-Status: Yes
spams
as your second rule.

Rsync and Log Processing

To manage and process logs of multiple webservers, Rsync provides the best method for transferring the logs from servers to centralized log processing server.

There are two major steps involved
a) Configuring the Log Processing Server (IP: 192.168.1.1)
b) Configuring the client (say, www.myserver.com) to transfer the logs to the central server.

Configuring the Log Processing Server

Let this server have IP address 192.168.1.1. We create a directory , /usr/local/logs, where the log files would be downloaded. We create a subdirectory for www.myserver.com, under /usr/local/logs. (mkdir /usr/local/logs/www.myserver.com)

a. create a group logman and add user logman to it. This will be the uid/gid for the log files
b. edit/create /etc/rsyncd.conf, with the following details:

uid = logman
gid = logman
use chroot = yes
max connections = 4
log file = /var/log/rsyncd.log
pid file = /etc/rsyncd.pid

[www.myserver.com_logs]
comment = here are the apache access logs from www.myserver.com downloaded
path = /usr/local/logs/www.myserver.com/
hosts allow = www.myserver.com
read only = no

c. Now, run rsync:
# rsync –daemon

We have now successfully configured our server to received log files.

Configuring the clients to transfer the logs

on the client system (www.myserver.com), run this command periodically, to transfer the logs:
rsync -azvu /usr/local/apache/logs/access_logs 192168.1.1::www.myserver.com_logs

This way, the logs would be transferred to 192.168.1.1, and would be updated (not deleted and recreated, differential transfer) everytime.