Wednesday, October 29, 2008

HowTo: Network traffic & bandwidth monitoring with darkstat on Gentoo

Following the footsteps on installing darkstat on my old 266 Mhz FreeBSD machine I've mirrored the install procedures on my 1.3 Ghz Pentium-M Gentoo Hardened server. This post will cover the installation and configuration of darkstat on a x86 machine running Gentoo Hardened stable.

Darstat captures network traffic, calculates statistics about usage, and serves reports over HTTP.

Darstat provides the following features:
  • Traffic graphs, reports per host, shows ports for each host.
  • Embedded web-server with deflate compression.
  • Asynchronous reverse DNS resolution using a child process.
  • Small. Portable. Single-threaded. Efficient. Uncomplicated.
Follow the bellow steps to update the portage tree and install darkstat:
  • $ su
  • # eix-sync
  • # emerge --ask --tree --verbose darkstat
To enable darkstat at boot time add it to the default runlevel by:
  • # rc-update add darkstat default
Now let's edit /etc/conf.d/darkstat to identify the network interface (in my case eth0) that we wish to monitor and enable logging:
  • # vim /etc/conf.d/darkstat
INTERFACE="eth0"
DAYLOGFILE="darkstat.log"
The next step is to start darkstat by running the following command:
  • # /etc/init.d/darkstat start
To check darkstat daemon status:
  • # /etc/init.d/darkstat status
By default darkstat serves graphs to http://localhost:667, so fire up your browser and point to the location. If you are planning (like me) on accessing to the graphs for another location add port 667 (you can choose another port number in /etc/conf.d/darkstat) to your router Port Forwarding settings.

Hope you enjoy darkstat. I find it extremely useful and refreshing.

Resources:
man darkstat
http://dmr.ath.cx/net/darkstat/
http://linux-bsd-sharing.blogspot.com/2008/10/howto-network-traffic-bandwidth.html

No comments: