1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

RV0xx shell commands, usage management

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by akk142, Dec 13, 2005.

  1. akk142

    akk142 Network Guru Member

    Hey i've been playing with this to see who is out of control w/ peer to peer or a virus on my network. By telnetting and using some of the basic commands I can see the NAT translation tables. With that I can gather basic usage stats. But I want more control. Really, I want to be able to see each persons usage (especially outbound).

    To telnet (by ICHIRO):
    http://192.168.1.1/sysinfo123.htm?ConsoleSimulation=1

    telnet 192.168.1.1

    Username:admin
    Password:admin

    rg_conf_set /nk/telnetd_enabled 1
    flash_commit
    reboot

    Network address translation (NAT) table:
    rgpf_info at RV0xx> prompt

    In this table, all the mappings are available and the bytes per session are also available.

    This helps me get a basic idea of the usage per person, but it doesn't tally anything.

    Anyone have anything to add?

    I'm also wondering what makes the router stop going to certain websites after like a week. If I reboot it, it works fine. Is it too many translation, a full syslog, or maybe a full cache DNS table. Who knows? Any ideas?

    -akk142
     
  2. username_taken

    username_taken Network Guru Member

    Hrmmm, I'm trying to do the same thing. I wrote the following Perl which will do the telnet for and attempt to summarise the data. it's not quite perfect as some lines don't match, but is pretty close. Unfortunately there's no completely unique IP so I don't know if a particular session was picked up last time it ran, therefore I can't guarentee the counts :/

    Code:
    #!/usr/bin/perl
    
    $username = 'admin';
    $passwd = 'admin';
    
    use Net::Telnet ();
        $t = new Net::Telnet (Timeout => 10,
                              Prompt => '/SME100/');
        $t->open("10.0.0.252");
        $t->login($username, $passwd);
        @lines = $t->cmd("rgpf_info");
    
    print "id:source_ip:proto:dest_ip:dest_port:bytes:bytes_used\n";
    
    $next = 1;
    foreach ( @lines ) {
      chomp;
      s/\[|\]|proxy//g;
      $next = 0 if /^List of active sessions:$/;
      $next = 1 if /^List of active host mappings:$/;
      next if $next;
      @line = split /\s+/;
      next if $line[1] =~ /!^\@/;
      $id = $line[1];
      $id = substr $id, 1, -1;
      $match = 0;
      for ( $i = 0; $i < @line; $i++) {
        if ( $line[$i] eq "bytes" ) {
          $match = $i;
          last;
        }
      }
      #print "$_\n";
      print "$id:$line[2]:$line[9]:$line[10]:$line[11]:$line[$match++]:$line[$match]\n" if $id;
    }
    
    output looks like:
    Code:
    id:source_ip:proto:dest_ip:dest_port:bytes:bytes_used
    1:10.0.0.253:TCP:202.58.56.36:80:bytes:1329
    2:10.0.0.167:TCP:65.126.202.72:443:bytes:1158
    3:10.0.0.167:TCP:65.126.202.72:443:bytes:1158
    4:10.0.0.253:TCP:202.58.56.36:80:bytes:3965
    5:10.0.0.253:TCP:210.50.7.243:80:bytes:24337
    6:10.0.0.253:TCP:210.50.7.243:80:bytes:6423
    7:10.0.0.253:TCP:210.50.7.243:80:bytes:1241
    8:10.0.0.253:TCP:202.58.56.36:80:bytes:4624
    9:10.0.0.167:TCP:65.126.202.72:443:bytes:10835
    10:10.0.0.253:TCP:202.58.56.36:80:bytes:2203
    
     

Share This Page