Last modified: Sept. 3, 2011
Contents
1 - Summary
2 - Dependencies
3 - MRTG installation
4 - Service configuration
5 - View status on website
6 - Service check
1 - Summary
This guide will show you how to install mrtg in Red Hat Enterprise Linux. MRTG
is used to store information used to create graphs to display traffic. This has
been tested in Red Hat Enterprise Linux 5 x86_64.
2 - Dependencies
Install the apache package. Apache is a web server that will host the web pages
that display the network information.
# sudo yum install httpd.x86_64
[sudo] password for user:
Find where the apache daemon was installed to.
# rpm -ql httpd-* | grep sbin
/usr/sbin/apachectl
/usr/sbin/htcacheclean
/usr/sbin/httpd
/usr/sbin/httpd.event
/usr/sbin/httpd.worker
/usr/sbin/httxt2dbm
/usr/sbin/rotatelogs
/usr/sbin/suexec
Enable the apache service so that it will start when the system starts up.
# sudo /sbin/chkconfig httpd on
[sudo] password for user:
# sudo /sbin/chkconfig --list httpd
[sudo] password for user:
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Find where the configuration file should be put.
# rpm -ql httpd-* | grep init.d
/etc/rc.d/init.d/httpd
# grep httpd.conf /etc/rc.d/init.d/httpd
# config: /etc/httpd/conf/httpd.conf
CONFFILE=/etc/httpd/conf/httpd.conf
# strings /usr/sbin/httpd | grep httpd.conf
-D SERVER_CONFIG_FILE="conf/httpd.conf"
conf/httpd.conf
directive in your httpd.conf file to list a non-root
You will need to modify the original configuration file. Add the following. In
this example, I set the websites to be stored in an alernate directory. By the
way, there is already a group named it which includes an account for the web
developers.
ServerName server.test.com
DocumentRoot "/data/websites/test/server"
ErrorLog syslog
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" commonvhost
CustomLog "|/usr/bin/logger" commonvhost
#Alias /icons/ "/var/www/icons/"
#<Directory "/var/www/icons">
# Options Indexes MultiViews
# AllowOverride None
# Order allow,deny
# Allow from all
#</Directory>
#ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
#<Directory "/var/www/cgi-bin">
# AllowOverride None
# Options None
# Order allow,deny
# Allow from all
#</Directory>
#Alias /error/ "/var/www/error/"
ErrorDocument 404 /index.html
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
ServerName server.test.com
Redirect / https://server.test.com/
</VirtualHost>
<VirtualHost *:443>
ServerName server.test.com
ServerAdmin root@localhost
DocumentRoot /data/websites/test/server
</VirtualHost>
# rpm -ql httpd-* | grep "httpd\.conf"
/etc/httpd/conf/httpd.conf
# sudo cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.example
[sudo] password for user:
# sudo vi /etc/httpd/conf/httpd.conf
[sudo] password for user:
# sudo mkdir -p /data/websites/test/server
[sudo] password for user:
# sudo mkdir -p /data/logs/httpd
[sudo] password for user:
# sudo chown -R root:it /data/logs/httpd/
[sudo] password for user:
Install the mod_ssl package for SSL certificate support. Copy in the SSL
certificate files to /etc/httpd/ssl/.
# sudo yum install mod_ssl.x86_64
[sudo] password for user:
# sudo mkdir /etc/httpd/ssl/
[sudo] password for user:
You will need to modify the original configuration file. Add the following.
#SSLPassPhraseDialog builtin
ErrorLog syslog
SSLCertificateFile /etc/httpd/ssl/test.cer
SSLCertificateKeyFile /etc/httpd/ssl/test.key.alt
SSLCertificateChainFile /etc/httpd/ssl/test.crt
# rpm -ql mod_ssl-* | grep conf.d
/etc/httpd/conf.d/ssl.conf
# sudo cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.example
[sudo] password for user:
# sudo vi /etc/httpd/conf.d/ssl.conf
[sudo] password for user:
Create an index file.
<html>
<head>
<title>Test: Network monitoring</title>
</head>
<body>
<a href="https://server.test.com/mrtg/">Bandwidth information - MRTG</a><br>
</body>
</html>
# sudo vi /data/websites/test/server/index.html
[sudo] password for user:
Configure syslog appropriately.
Install the perl package. The perl version has to be at least 5.005. If you use
SNMP version 3, you need perl version 5.8 at least.
# sudo yum install perl.x86_64
[sudo] password for user:
# rpm -ql perl-* | grep bin | grep perl
/usr/bin/find2perl
/usr/bin/perl
/usr/bin/perl5.8.8
/usr/bin/perlbug
/usr/bin/perlcc
/usr/bin/perldoc
/usr/bin/perlivp
/usr/lib/perl5/5.8.8/unicore/CombiningClass.pl
/usr/lib/perl5/5.8.8/unicore/lib/gc_sc/InCombin.pl
# /usr/bin/perl -v | grep -i built
This is perl, v5.8.8 built for x86_64-linux-thread-multi
Install the net-snmp-utils package.
# sudo yum install net-snmp-utils.x86_64
[sudo] password for user:
3 - MRTG installation
Install the mrtg package.
# mkdir mrtg
# cd mrtg/
# wget http://apt.sw.be/redhat/$rel/$lang/$arch/extras/RPMS/mrtg-$ver.$rel.rfx.$arch.rpm
# sudo rpm -ivh mrtg-$ver.$rel.rfx.$arch.rpm
[sudo] password for user:
# cd ..
# rm -fr mrtg/
4 - Service configuration
Find where the mrtg application was installed to.
# rpm -ql mrtg-* | grep bin
/usr/bin/cfgmaker
/usr/bin/indexmaker
/usr/bin/mrtg
/usr/bin/rateup
Enable the mrtg service so that it will start when the system starts up. Here
is a script I created to start and stop the mrtg daemon.
#!/bin/bash
# chkconfig: - 50 50
# description: mrtg
mrtg=/usr/bin/mrtg
options="-lock-file /etc/mrtg/.mrtg.lock -logging /data/logs/mrtg/mrtg.log \
-daemon -pid-file=/var/run/mrtg.pid /etc/mrtg/mrtg.cfg"
case "$1" in
start)
echo "Starting mrtg: [ OK ]"
env LANG=C $mrtg $options > /dev/null
;;
stop)
if [ -e /var/run/mrtg.pid ]
then
echo "Stopping mrtg: [ OK ]"
kill -9 `cat /var/run/mrtg.pid`
rm -f /var/run/mrtg.pid
else
echo "mrtg is not running..."
fi
;;
status)
if [ -e /var/run/mrtg.pid ]
then
pid=`cat /var/run/mrtg.pid`
echo "mrtg (pid $pid) is running..."
else
echo "mrtg is not running..."
fi
;;
restart)
if [ -e /var/run/mrtg.pid ]
then
echo "Stopping mrtg: [ OK ]"
kill -9 `cat /var/run/mrtg.pid`
rm -f /var/run/mrtg.pid
else
echo "mrtg is not running..."
fi
echo "Starting mrtg: [ OK ]"
env LANG=C $mrtg $options > /dev/null
;;
*)
echo "Usage: $0 {start|stop|status|restart}"
exit 1
;;
esac
# sudo vi /etc/rc.d/init.d/mrtg
[sudo] password for user:
# sudo chmod 755 /etc/rc.d/init.d/mrtg
[sudo] password for user:
# sudo /sbin/chkconfig --add mrtg
[sudo] password for user:
# sudo /sbin/chkconfig mrtg on
[sudo] password for user:
# sudo /sbin/chkconfig --list mrtg
[sudo] password for user:
mrtg 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Create a new configuration file.
# rpm -ql mrtg-* | grep mrtg.cfg
/etc/mrtg/mrtg.cfg
/usr/share/doc/mrtg-*/contrib/PMLines/mrtg.cfg-demo
/usr/share/doc/mrtg-*/contrib/TCH/mrtg.cfg
/usr/share/doc/mrtg-*/contrib/accesslistmon/mrtg.cfg
/usr/share/doc/mrtg-*/contrib/mrtgmk/cfg/mrtg.cfg
/usr/share/doc/mrtg-*/contrib/mrtgrq/make-mrtg.cfg.awk
/usr/share/doc/mrtg-*/contrib/net-hosts/make-mrtg.cfg.awk
/usr/share/doc/mrtg-*/contrib/stat/mrtg.cfg
# sudo cp /etc/mrtg/mrtg.cfg /etc/mrtg/mrtg.cfg.example
[sudo] password for user:
# sudo /usr/bin/cfgmaker --global "Options[_]: bits, growright" --global \
"HtmlDir: /data/websites/test/server/mrtg" --global "ImageDir: \
/data/websites/test/server/mrtg" --global "LogDir: /data/monitoring/mrtg" \
--global "RunAsDaemon: Yes" --global "Interval: 5" --output=/etc/mrtg/mrtg.cfg \
public@router.test.com
[sudo] password for user:
# sudo mkdir -p /data/monitoring/mrtg
[sudo] password for user:
# sudo mkdir /data/logs/mrtg/
[sudo] password for user:
# sudo chown -R root:it /data/logs/mrtg/
[sudo] password for user:
You will need to modify the original configuration file for mrtg used by
apache. Have only the following.
Alias /mrtg/ "/data/websites/test/server/mrtg/"
<Directory "/data/websites/test/server/mrtg">
AuthType Basic
AuthName "Restricted"
AuthUserFile /etc/httpd/conf/htaccounts
Require user Administrator
Options None
Order allow,deny
Allow from all
</Directory>
# rpm -ql mrtg-* | grep "conf\.d"
/etc/httpd/conf.d/mrtg.conf
# sudo cp /etc/httpd/conf.d/mrtg.conf /etc/httpd/conf.d/mrtg.conf.example
[sudo] password for user:
# sudo vi /etc/httpd/conf.d/mrtg.conf
[sudo] password for user:
Create a user account using htpasswd that will be allowed to view the mrtg
information.
# rpm -ql httpd-* | grep htpasswd
/usr/bin/htpasswd
/usr/share/man/man1/htpasswd.1.gz
# sudo /usr/bin/htpasswd -c -s /etc/httpd/conf/htaccounts Administrator
[sudo] password for user:
New password: ********
Re-type new password: ********
Adding password for user Administrator
Copy the mrtg web directory and set ownership and permissions. By the way,
there is already a group named it which includes an account for the web developers.
# grep Alias /etc/httpd/conf.d/mrtg.conf.example
Alias /mrtg /var/www/mrtg
# sudo cp -Rp /var/www/mrtg/ /data/websites/test/server/mrtg/
[sudo] password for user:
# sudo /usr/bin/indexmaker --output=/data/websites/test/server/mrtg/index.html \
--title="Test Bandwidth Usage" --columns=4 --sort=name --width=250 \
--height=100 --section=name /etc/mrtg/mrtg.cfg
[sudo] password for user:
# sudo chown -R apache:it /data/websites/test/server/mrtg/
[sudo] password for user:
# sudo chmod -R 774 /data/websites/test/server/mrtg/
[sudo] password for user:
You will need to configure SELinux appropriately. SELinux status can be
found by running sestatus.
# sudo /usr/sbin/sestatus | grep status:
[sudo] password for user:
SELinux status: enabled
Before starting the server, make sure that tcp ports 80 and 443 are open in
case you are running firewall software. Here are some sample rules.
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
# sudo /sbin/service iptables stop
[sudo] password for user:
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
# sudo cp /etc/sysconfig/iptables /etc/sysconfig/iptables.previous
[sudo] password for user:
# sudo vi /etc/sysconfig/iptables
[sudo] password for user:
# sudo /sbin/service iptables start
[sudo] password for user:
Applying iptables firewall rules: [ OK ]
Loading additional iptables modules: ip_conntrack_netbios_n[ OK ]
Start the apache service.
# sudo /sbin/service httpd start
[sudo] password for user:
Starting httpd: [ OK ]
Start the mrtg service.
# sudo /sbin/service mrtg start
[sudo] password for user:
Starting mrtg: [ OK ]
5 - View status on website
Navigate your web browser to https://server.test.com/. Click on the link for
Bandwidth information - MRTG. After you login, you will see a screen showing a
summary of the network information.
6 - Service check
Reboot your computer. Log in like normal and check to see that the httpd and
mrtg services are running. That's it, now you have mrtg running in Red Hat
Enterprise Linux.
# sudo /sbin/shutdown -r now
[sudo] password for user:
# sudo /sbin/service httpd status
[sudo] password for user:
httpd (pid 3409) is running...
# sudo /sbin/service mrtg status
[sudo] password for user:
mrtg (pid 3153) is running...
|
