Re: [fw-wiz] Squid Proxy

From: Michael Still (mikal_at_stillhq.com)
Date: 09/09/03

  • Next message: Knut Bjornstad: "[fw-wiz] Source of T/TCP traffic" 
    To: Bunnet Som <bunnetsom@hotmail.com>
Date: Tue, 9 Sep 2003 09:20:51 +1000 (EST)

    On Mon, 8 Sep 2003, Bunnet Som wrote:

    > I have interested in linux for long time. I have used linux since it was
    > version 6.2.

    I assume you mean Redhat 6.2, as we're only up to kernel 2.6...

    > Now i wan to know the amount of byte-in and byte-out of each users that use
    > the internet.
    > So can i do this with squid?

    There are _many_ squid log analysers out there. At a most basic level
    /var/log/squid/access.log (or whereever your install of squid puts the
    access log) shows information like:

    1063067472.535 32983 172.29.0.101 TCP_REFRESH_HIT/304 187 GET http://www.google.com/nav_page.gif - DIRECT/216.239.37.99 text/html
    1063067473.769 16660 172.29.0.101 TCP_REFRESH_HIT/304 187 GET http://www.google.com/nav_next.gif - DIRECT/216.239.37.99 text/html
    1063067491.403 80661 172.29.0.101 TCP_MISS/200 19092 GET http://lwn.net/Articles/30107/ - DIRECT/66.216.68.48 text/html
    1063067505.625 31129 172.29.0.101 TCP_REFRESH_HIT/304 256 GET http://lwn.net/images/lcorner.png - DIRECT/66.216.68.48 -

    Where the second column is the number of bytes downloaded, and the third
    column is the IP address of the requesting machine.

    That wont tell you the number of outgoing bytes, nor the amount of non-web
    traffic from each machine, but it's a start.

    Cheers,
    Mikal 

    -- 
Michael Still (mikal@stillhq.com) | "All my life I've had one dream,
http://www.stillhq.com            |  to achieve my many goals"
UTC + 10                          |    -- Homer Simpson
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
  • Next message: Knut Bjornstad: "[fw-wiz] Source of T/TCP traffic"