快速业务通道

MRTG监控 ON RHEL6

作者 佚名技术 来源 Linux系统 浏览 发布时间 2012-03-26
sage for first time; ignore them.and run it three time

(b) Fire your favorite web browser (like FireFox :D ) and type url http://www.your.com/mymrtg/ or http://your-ip/mymrtg/

Step # 7 Create crontab entry so that mrtg graph / images get generated every 5 minutes

(a) Login as a root user or login as a mrtg user and type following command:


# crontab -e



(b) Add mrtg cron job entry to configuration file (append following line to it):


*/5 * * * * /usr/bin/mrtg /etc/mrtg/mymrtg.cfg --logging /var/log/mrtg.log



Save file and you are done with MRTG config issues :)

Step # 8 Block ports 161 & 162 at firewall

You do not want to give access to everyone to your snmp server for security reasons. SNMP server uses UDP 161, 162 ports for communication. Use Linux IPTABLES firewall to restrict access to SNMP server

Empire CMS,phome.net

(a) Allow outgoing SNMP server request from your Linux computer. This is useful when you query remote host/router (replace SERVER IO with your real IP):


SERVER="xxx.xxx.xxx.xxx"

iptables -A OUTPUT -p udp -s $SERVER --sport 1024:65535 -d 0/0 --dport 161:162 -m state --state NEW,ESTABLISHED -j ACCEPT

iptables -A INPUT -p udp -s 0/0 --sport 161:162 -d $SERVER --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT



(b )Allow incoming SNMP client request via iptables. This is useful when you wish to accept queries for rest of the world (replace SERVER IP with your real IP):


SERVER="xxx.xxx.xxx.xxx"

iptables -A INPUT -p udp -s 0/0 --sport 1024:65535 -d $SERVER --dport 161:162 -m state --state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p udp -s $SERVER --sport 161:162 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT



Pleae note that above two are just SNMP specific iptables rules. Please consult iptables(8) man page for complete information on iptables

Step # 9 Optional: Protect your MRTG graphs/html pages with password protected directory

Once again, you would like to restrict access to your MRTG reports. This can easily accomplished with Apache webserver''s .htaccess file. If you are on webhosting server with control panel (such as ensim or plesk) then you can use control panel itself to create password-protected directory.

Below is process outlined to protect graphs using apache''s .htaccess file and htpasswd command:

Step # 1: Create .htaccess file in /var/www/html/mymrtg/ directory (add text as follows):


vi /var/www/html/mymrtg/.htaccess



Add following text to file:


AuthName "MRTG Graphs/Html restricted access"

AuthType Basic

AuthUserFile /var/members/.htpasswd

require user mrtgadmin



Step # 2: Create a user and password name (-c assumes first time you are using .htpasswd file):

Empire CMS,phome.net


# htpasswd -c /var/members/.htpasswd mrtgadmin



For more information please see Apache Webserver Authentication and access control mini-howto.

Empire CMS,phome.net

凌众科技专业提供服务器租用、服务器托管、企业邮局、虚拟主机等服务,公司网站:http://www.lingzhong.cn 为了给广大客户了解更多的技术信息,本技术文章收集来源于网络,凌众科技尊重文章作者的版权,如果有涉及你的版权有必要删除你的文章,请和我们联系。以上信息与文章正文是不可分割的一部分,如果您要转载本文章,请保留以上信息,谢谢!

分享到: 更多

Copyright ©1999-2011 厦门凌众科技有限公司 厦门优通互联科技开发有限公司 All rights reserved

地址(ADD):厦门软件园二期望海路63号701E(东南融通旁) 邮编(ZIP):361008

电话:0592-5908028 传真:0592-5908039 咨询信箱:web@lingzhong.cn 咨询OICQ:173723134

《中华人民共和国增值电信业务经营许可证》闽B2-20100024  ICP备案:闽ICP备05037997号