1

Attempting to generate a traffic graph to monitor tunnel traffic between two vps'es.

two servers: 111.111.111.111 & 222.222.222.222

111 is an app server, 222 is a db server.

Proper iptables rules are in place to allow 111 & 222 to communicate.

I have a tunnel created on 111 to connect to the db server via localhost:4002.

I'd like the monitor the traffic that traverses this tunnel with Munin.

On 111, Tried using the ip_ plugin with no success:

  • ip_222 - graph appeared, no traffic.
  • ip_127.0.0.1:4002 - no graph appeared at all.
  • ip_127.0.0.1 - graph appeared but nan values.

Perhaps ip_ isn't the right plugin. What should I use?

jimg
  • 262
  • 4
  • 15

1 Answers1

1

ip_ will do it, but the plugin matches against the whole IP address followed by a space, as output by "iptables -L -n -v -x", so you would need to use ip_222.222.222.222.

The plugin only matches the first occurrence of the address in the iptables output for each chain, INPUT and OUTPUT (or your custom chains set in the plugin configuration). For example if you're using the standard INPUT chain your input traffic would be that shown by

iptables -L INPUT -n -v -x |grep "222.222.222.222 "|head -n 1

The plugin has some useful documentation on what it expects in the way of firewall rules.

In your second example, the ":" would cause the address to be interpreted as IPv6.

jonb
  • 116
  • 1