Reporting On IP Masquerading Usage? 6
C0sm1c asks: "I administer a Linux box on my company's LAN that provides all Internet connectivity to staff using Linux IP Masquerading (as well as squid, named etc...). What I need now is a means to report on the Internet usage of machines being masqueraded, and provide reports in both real time and periodic summaries of network usage. These reports will be available for anyone to view, to reduce the misuse of the Internet connection at work as well as usage stats. I've looked at MRTG but it doesn't appear to know about Masqueraded traffic, or provide a means to show the top ten users of the Internet etc... and a breakdown of the protocols used (like amount of ftp, telnet, ICQ traffic). This seems to me to be a fairly common ask, is there an open source package that can provide all this with HTML based reporting?"
ntop (Score:1)
I've given all of our machines behind the firewalls both reverse and forward domain names and ntop can tell me that bob.internal has used 25MB of traffic in the time that I've been monitoring and has used it to contact these servers.
Re:IPFW on FreeBSD (Score:1)
200 users with www/mail/other
This would give me 600 rules in my IPFW?
There must be a smarter way to do this.
Re:What you're asking for is Immoral (Score:2)
In a corporate network, just as in your home, that company owns and pays for the real estate, desks, chairs, bandwidth, machines, software AND the employees time. Believe it or not that company was not created to serve anyone but it's owners and beyond that it doesn't pay for the employee's to sit and surf, download, play games, etc all day long unless it relates to that persons job function. If that company wishes to track what the bandwidth being used by an employee is, so be it. It's the company's money that that employee is spending, and so it is the company's right to track what they do with that paid time and the company's equipment.
Most any court will agree that as a paid employee that person's 'rights' to surf and use someone else's property are far more limited. In addition to this, the limiting of 'improper' internet usage is at the discretion of those who own the equipment and provide it, just as in your own home.
This isn't an issue of restricting privacy and freedoms. Frankly in a corporate environment as a paid employee you have very little "right" to internet freedom, as 'surfing' is not a human right, nor is it a freedom, especially in the walls of a company. I'm interested as to what facts, court decisions and bodies of legislation you can bring to the table that shows us that internet surfing is considered a "freedom" and a "right"?
Please consider the implications of YOUR comments before posting. What you have claimed here is baseless and actually has no place on this board, maybe it should be YOU who goes over to microsoft.com's boards and trolls over there.
... if you don't tell the people being monitored ! (Score:1)
From the poster :
These reports will be available for anyone to view, to reduce the misuse of the Internet connection at work as well as usage stats.
As far as I am concerned, it is not any worst than the usual FTP banner "All connection are logged. If you don't like that, please disconnect now." Once told, it's people's choice to surf or not to surf ...
IPaudit may do the trick... (Score:4)
It's a nice program and can be easily configured to your needs, since it listens on an interface you could easily set it to collect data on the masquerading side ande generate a few reports. Nothing that a few lines of perl won't generate. Here's a link to ipaudit on Freshmeat [freshmeat.net].
--
All browsers' default homepage should read: Don't Panic...
ip accounting (Score:1)
or maybe you want to take some kind of monitoring software and hack the logs into something usable by webalizer?