Category Archives: Networks

Using Linux ISG

View all sessions:

/opt/ISG/bin/ISG.pl
/opt/ISG/bin/ISG.pl | less

View information about a specific session:

/opt/ISG/bin/ISG.pl | grep 192.168.4.168

Viewing the number of sessions:

/opt/ISG/bin/ISG.pl show_count

Deleting a specific session:

/opt/ISG/bin/ISG.pl clear 192.168.4.168
/opt/ISG/bin/ISG.pl clear <IP-address | Virtual# | Session-ID>

Change the speed for a specific session (incoming/outgoing, for example 100 MB/s):

/opt/ISG/bin/ISG.pl change_rate 192.168.4.168 102400 102400

I note that the speed is specified in kilobytes, and when viewed in the table of sessions is displayed in bytes.

I’ll describe the possible keys to the flags:
A (Session approved)
X (Session not approved)
S (This is a service (or sub-session))
O (Service administrative status is enabled)
U (Online service (RADIUS account is active, traffic flow))
T (Type of service – “tagger”)
Z (Disconnected)

Setting up and using Traffic Flow in Mikrotik

Enable Traffic Flow on the Mikrotik router:

ip traffic-flow set enabled=yes cache-entries=4k set active-flow-timeout=30m inactive-flow-timeout=15s interfaces=all

View settings:

ip traffic-flow print

Specify the IP address and port of the computer that will receive the Traffic-Flow packets:

ip traffic-flow target add address=192.168.88.240:1234 disabled=no version=9 v9-template-refresh=20 v9-template-timeout=30m

or

ip traffic-flow target add address=192.168.88.240:1234 disabled=no version=5

View settings:

ip traffic-flow target print

To configure through the GUI, the settings can be found in the menu IP -> Traffic Flow.

For monitoring under Windows, you can install the program ManageEngine NetFlow Analyzer, which will work as a server, receive packets from the specified port and generate graphs and statistics via a web server that can be opened by the browser.

For monitoring under Linux, you can install and configure for example flow-tools.

Opening and analysis of files created with NetFlow

Here is an example of viewing statistics:

cat ft-v05.2015-05-01.000759+0300 | flow-stat -f 10 -S 3 | less
cat ft-v05.2015-05-01.000759+0300 | flow-stat -n -p -w -f 26 -S 2 | less
flow-cat ft-v05.2017-12-07.170236+0200 | flow-print | less

You can see the flow-stat tips by typing:

man flow-stat

I will give an example of exporting data to another format (for example, in csv, which can then be opened in windows by any convenient program):

flow-cat ft-v05.2015-05-01.000759+0300 | flow-export -f 2 | less
flow-cat ft-v05.2015-05-01.000759+0300 | flow-export -f 2 > csv.csv

You can display the list with the specified source address with the following command:

flowdumper -se '"192.168.0.1" eq $srcip' ft-v05.2015-06-17.175701+0300

Export the list only with the specified source address to a file, for example, with the following command:

flowdumper -se '"192.168.0.1" eq $srcip' ft-v05.2015-06-17.175701+0300 > file.txt

Example of exporting from multiple files:

flowdumper -se '"192.168.0.1" eq $srcip' /backup/flows/acct/first/2016/2016-01/ft-v05.2015-06-17* > /backup/result.txt

See also:
Installing and using flow-tools

Remote Wake-up of the computer (Wake On LAN)

To remotely turn on the computer, you need to have an ATX power supply, a motherboard with Wake On LAN and BIOS enabled, a Wake On LAN network adapter.

When Wake On LAN is supported, the shut down computer powers the AC adapter that is in low power mode and listens to all packets going to its MAC address without answering them. If a Magic Packet comes, the network adapter sends a signal to turn on the power of the computer.

View active network adapters:

ifconfig

You will need the ethtool package, if it is not installed on the system, you must perform the installation:

sudo apt-get install ethtool

Check for WOL support:

sudo ethtool eth0 | grep Wake

The result of the command if the network card is working with WOL and it is enabled:

Supports Wake-on: g
Wake-on: g

The result of the command when WOL is off:

Wake-on:d

Possible result letters (taken from man ethtool information):

p Wake on PHY activity
u Wake on unicast messages
m Wake on multicast messages
b Wake on broadcast messages
a Wake on ARP
g Wake on MagicPacket™
s Enable SecureOn™ password for MagicPacket™
d Disable (wake on nothing). This option clears all previous options.

To turn on WOL:

sudo ethtool -s интерфейс wol g

Turning on the computer:

apt-get install wakeonlan
wakeonlan -p 50000 00:01:02:03:04:05

-p indicates the UDP port number.

On the Internet, there are also many sites and applications for phones that allow you to send a package to a remote computer.

See also:
Using ethtool

Using ethtool

ethtool – a utility for configuring network interfaces in Linux.

You can install ethtool in Ubuntu / Debian using the command:

sudo apt-get install ethtool

Let’s look at the names of network interfaces:

ifconfig -a

Switch to root, as some commands require elevated privileges:

sudo -i

Example of viewing eth0 settings:

ethtool eth0

Example of viewing information about the network interface driver:

ethtool -i eth0

Viewing Network Interface Statistics:

ethtool -S eth0

View auto-negotiation settings:

ethtool -a eth0

The LED blinks for 3 seconds on the specified network interface:

ethtool -p eth0 3

Network Interface Test:

ethtool -t eth0 online/offline

View the current and maximum size of TX and RX buffers:

ethtool -g eth0

Manual speed setting of 100 Mb Full Duplex on the specified network interface (the specified parameters will be reset after the system restart):

ethtool -s eth0 speed 100 duplex full

Viewing help about ethtool:

ethtool -h

See also:
Configuring the Network in Linux
Changing TX and RX network interface buffers in Linux
Remote Wake-up of the computer (Wake On LAN)