Hello!
I'm running RT-AC66 with 3.0.0.4.374.38_2 Merlin build.
Web interface has Tools-System Information page which is of great interest to me. I want to monitor network sessions established through my home gateway. The Network section of the Tools_Sysinfo.asp script contains
"Connections" counters. It looks like this:
"Connections 1698 / 300000 - 664 active"
As a result of my tiny investigation I've found that:
- the first is network sessions as it is reported by netfilter and could be found at /proc/sys/net/netfilter/nf_conntrack_count
- the second is the maximum number of sessions supported and it is also might be read from /proc/sys/net/netfilter/nf_conntrack_max
What I don't understand is the third counter that is referred as "active". I'm not so good in ASP and could not translate what <% sysinfo("conn.active"); %> means in /www/Tools_Sysinfo.asp. sysinfo script available from shell does not contain this info and does not support variables.
Does anybody know what this counter means and whether I want to draw it in my cacti how to get the value out of the system? Maybe it's the number of bidirectional sessions in Active (Established) state reported by iptables?
The main goal of monitoring these values is to check the health of the internal network. Unexpected spikes in the sessions number might indicate an infection such as virus or bot net deployed.
Thanks in advance.
I'm running RT-AC66 with 3.0.0.4.374.38_2 Merlin build.
Web interface has Tools-System Information page which is of great interest to me. I want to monitor network sessions established through my home gateway. The Network section of the Tools_Sysinfo.asp script contains
"Connections" counters. It looks like this:
"Connections 1698 / 300000 - 664 active"
As a result of my tiny investigation I've found that:
- the first is network sessions as it is reported by netfilter and could be found at /proc/sys/net/netfilter/nf_conntrack_count
- the second is the maximum number of sessions supported and it is also might be read from /proc/sys/net/netfilter/nf_conntrack_max
What I don't understand is the third counter that is referred as "active". I'm not so good in ASP and could not translate what <% sysinfo("conn.active"); %> means in /www/Tools_Sysinfo.asp. sysinfo script available from shell does not contain this info and does not support variables.
Does anybody know what this counter means and whether I want to draw it in my cacti how to get the value out of the system? Maybe it's the number of bidirectional sessions in Active (Established) state reported by iptables?
The main goal of monitoring these values is to check the health of the internal network. Unexpected spikes in the sessions number might indicate an infection such as virus or bot net deployed.
Thanks in advance.
