On 2007/07/06 09:26, Juan Miscaro wrote:
> 1. ftp-proxy
> How does one track FTP usage of lan to internet servers?

pfctl -sr -vv is one of many ways.

> 2. spamd
> Is there any way to gather intelligent reports of what is happening
> with spamd?  In essence, I want to get an idea of how much spam has
> been prevented from entering my mail server.

/var/log/daemon. how's this for a quick-and-dirty tool? - of course
it's useful for more than just spamd logs.

<[EMAIL PROTECTED]:5219>$ cat count.pl                                          
                                                            
#!/usr/bin/perl -w
# outputs a "graph" of how many instances of a line of input were seen.

my %LINES;

open (INFILE, '/dev/stdin') or die "can't open /dev/stdin";
while (<INFILE>) {
        chomp;
        $LINES{"$_"} .= '=';
}
close(INFILE);

foreach $line (keys %LINES) {
        printf "$line ".$LINES{"$line"}."\n";
}

...

- which lists get the most hits?

<[EMAIL PROTECTED]:5219>$ cat /var/log/daemon | grep disco | cut -d. -f5 | 
count.pl 
 
=========================================================================================
 lists: spamd-greytrap =========================
 lists: uatraps ==========
 lists: uatraps nixspam =
 lists: nixspam ===========================================

- how many people are on for 0-9, 10-99, 100-999 seconds?

<[EMAIL PROTECTED]:5220>$ cat /var/log/daemon | grep disco | cut -d: -f5 | \
        cut -d' ' -f4 | sed s/[0-9]/0/g | count.pl
000 
====================================================================================================
0 =================
00 =====================================================

- /24s which hit spamd lots?

<[EMAIL PROTECTED]:5221>$ cat /var/log/daemon | grep disco | cut -d: -f4 | \
        cut -d'.' -f-3 | count.pl | grep ========= 
 192.118.71 ========================================
 213.121.128 ========================

- simple management-friendly graphs?

MRTG (grep | wc -l),
hack something into ports/mail/mailgraph,
plenty of other options.

Reply via email to