[mrtg] Re: Firewall monitoring

Martin Ansdell-Smith mas at ansdell.demon.co.uk
Fri Aug 20 12:09:22 MEST 1999


On Thu, 19 Aug 1999, Kyle Maxwell wrote:

> I'm trying to monitor loads on firewalls. What I would really like to
> do is monitor how much activity the firewall is processing on each
> *port*, rather than just on the *interface*. For example, how much
> traffic goes through on port 80 (HTTP traffic), 25 (SMTP traffic),
> etc. Reading through the spec's on MIB-II and HR-MIB, I don't see
> facilities in those to do this. I'm still waiting to get spec's on the
> vendor's proprietary MIB, which hopefully will contain this
> information.
> 
> Is this actually contained in the standard MIB's, and I'm just missing
> it somehow? Has anyone used MRTG to graph this sort of data before?

It's not in MIB-2 but it is in RMON2 (RFC2021) and, by extension, SMON
(RFC2613) and, as you say, might be provided in a proprietary MIB. An
alternative might be that the information could be in the firewall logs
and you might be able to get it from that (although it may not be
available as frequently as every 5 minutes by default).


> Thanks in advance.
> 
> --
> Kyle Maxwell
> 972.507.4652   HQM05C81
> Systems Engineer (Firewall Security)
> GTE EIPS

--
Martin Ansdell-Smith
Network Analyst			http://www.ansdell.demon.co.uk/

--
* To unsubscribe from the mrtg mailing list, send a message with the
  subject: unsubscribe to mrtg-request at list.ee.ethz.ch
* The mailing list archive is at http://www.ee.ethz.ch/~slist/mrtg


More information about the mrtg mailing list