pptp vpn 记录访问日志
安装目录/etc/ppp/文件夹下面自带有几个文件和一个文件夹
ip-down
ip-down.ipv6to4
ip-up
ip-up.ipv6to4
ipv6-down
ipv6-up
peers
vpn连接日志记录主要实现是通过ip-up 和ip-down两个脚本来实现的。这里说下原理吧,原理是通过pptp建立连接的时候都会执行ip-up,然后断线会执行ip-down。
修改下ip-up 脚本内容
#!/bin/bash
LOG_DIR=”/var/log/pptpdlog”
curDay=`date +”%Y%m%d”`
logFile=”${LOG_DIR}/up-$PEERNAME-pptpd${curDay}.log”
echo “##################################” >> $logFile
echo “Now User $PEERNAME is connected!!!” >> $logFile
echo “##################################” >> $logFile
echo “time: `date -d today +%F_%T`” >> $logFile
echo “clientIP: $6” >> $logFile
echo “username: $PEERNAME” >> $logFile
echo “device: $1” >> $logFile
echo “vpnIP: $4” >> $logFile
echo “assignIP: $5″ >> $logFile
修改下ip-down脚本内容
#!/bin/sh
LOG_DIR=”/var/log/pptpdlog”
curDay=`date +”%Y%m%d”`
logFile=”${LOG_DIR}/down-$PEERNAME-pptpd${curDay}.log”
echo “#####################################” >> $logFile
echo “Now User $PEERNAME is disconnected!!!” >> $logFile
echo “#####################################” >> $logFile
echo “time: `date -d today +%F_%T`” >> $logFile
echo “clientIP: $6” >> $logFile
echo “username: $PEERNAME” >> $logFile
echo “device: $1” >> $logFile
echo “vpnIP: $4” >> $logFile
echo “assignIP: $5” >> $logFile
echo “connect time: $CONNECT_TIME s” >> $logFile
echo “bytes sent: $BYTES_SENT B” >> $logFile
echo “bytes rcvd: $BYTES_RCVD B” >> $logFile
sum_bytes=$(($BYTES_SENT+$BYTES_RCVD))
sum=`echo “scale=2;$sum_bytes/1024/1024″|bc`
echo “bytes sum: $sum MB” >> $logFile
ave=`echo “scale=2;$sum_bytes/1024/$CONNECT_TIME”|bc`
echo “average speed: $ave KB/s” >> $logFile
其中ip-down主要的参数 就是用户名 连接ip 连接时间
可以简写成:
#!/bin/sh
LOG_DIR="/var/log/pptpdlog"
curDay=`date +"%Y%m%d"`
logFile="${LOG_DIR}/down-"$PEERNAME"-pptpd${curDay}.log"
echo "$PEERNAME $6 $CONNECT_TIME"s"" >> $logFile
格式:
jc 192.168.25.2 12s
给予下权限 (如果有问题,查看/var/log/messages系统日志 是否有类似 Can’t execute /etc/ppp/ip-down: Permission denied)
[root@localhost ppp]# pwd /etc/ppp [root@localhost ppp]# chmod 777 ip-up ip-down
连接vpn,查看下日志
[root@localhost ppp]# cat /var/log/pptpdlog/up-pptpd20160825.log ################################## Now User test is connected!!! ################################## time: 2016-08-25_16:07:15 clientIP: *.*.*.* 这里ip我用*.*.*.* 代表了 username: test device: ppp0 vpnIP: *.*.*.* assignIP: *.*.*.* [root@localhost ppp]# cat /var/log/pptpdlog/down-pptpd20160825.log #################################### Now User test is disconnected!!! ##################################### time: 2016-08-25_16:11:21 clientIP: *.*.*.* username: test device: ppp0 vpnIP: *.*.*.* assignIP: *.*.*.* connect time: 246 s bytes sent: 12784432 B bytes rcvd: 692524 B bytes sum: MB average speed: KB/s
使用命令查看当前连接的用户
last | grep still | grep ppp test ppp0 *.*.*.* Thu Aug 25 16:56 still logged in
统计访问脚本
username=`ls -l down-* |awk -F “-” ‘{print $10}’`
for i in $username
do
echo “”
echo “————————————————”
cat down-“$i”-pptpd20160825.log |grep “username” |awk ‘{print $2}’ >user/$i-u
cat down-“$i”-pptpd20160825.log |grep “clientIP” |awk ‘{print $2}’ >user/$i-ip
cat down-“$i”-pptpd20160825.log |grep “connect time” |awk ‘{print $3}’ >user/$i-time
echo ” $i用户每次连接信息”
echo ”
用户 连接ip 连接时间”
paste user/$i-u user/$i-ip user/$i-time
echo “”
echo “$i 用户总的连接时间”
echo ” `cat user/$i-time |awk ‘{sum += $1};END {print sum}’`s” #按列求和
echo ”
”
done
结果如下:
———————————————— test用户每次连接信息 用户 连接ip 连接时间 test 101.90.252.202 213 test 101.90.252.202 100 test 117.10.154.198 138 test 101.90.252.202 177 test 101.90.252.202 361 test 101.90.252.202 616 test 用户总的连接时间 1605s
