|
|
Autonomous System Number ASN Extension for The Webalizer - README.ASN
This is release 1.3b of webalizer-asn
Copyright (C) 2003-2007, Marco Steinacher
Init Seven AG http://www.init7.net
ABOUT
This version is based on version 2.01-10 of The Webalizer extended by the
AS number (ASN) lookup feature. The Webalizer is a cool web server analysis
program written by Bradford L. Barrett. See http://www.webalizer.org for
more information.
With this extension The Webalizer has the ability to perform AS number lookups
to generate additional statistics. The AS number identifies the AS (Autonomous
System) a host is belonging to. An Autonomous System is a group of IP networks
operated by one or more network operator/s which has a single and clearly
defined external routing policy.
(See RFC1930 for more information about AS numbers.)
It can be useful for high-traffic sites and ISPs when they know from which
networks their visitors come from. For example they can plan future peerings
or other things based on this information.
This document attempts to explain how it works and some things that you should
be aware of when using the AS number lookup features.
STATUS
Please note that this is BETA-software that has NOT been tested on many
systems with different configurations.
See CHANGES.ASN for information about bugfixes etc.
INSTALLATION
1. Download the Source at http://www.init7.net/webalizer_asn/.
2. Minimal installation steps:
./configure --enable-dns --enable-asn
make
make install
If you get errors you maybe have to add other options for configure.
For example:
--with-dblib=/usr/lib or --with-dblib=/usr/local/lib
--with-db=/usr/include/db1
--with-gdlib=/usr/local/lib
See also the FAQ at http://www.mrunix.net/webalizer/faq.html.
The option --enable-asn enables the ASN feature. If you enable the
ASN feature you *must* also enable the DNS feature with '--enable-dns'
See DNS.README for additional information.
3. Add a line to your crontab to update the ASN DB file regularly.
See DOWNLOADING AND UPDATING THE ASN DB FILE below.
HOW IT WORKS
ASN lookups are made against an ASN DB file containing routes and AS
numbers. Because the ASN lookup needs the IP address of each host also
non-reverse DNS lookups are required. These are automatically made when
he ASN feature is enabled. They are done like the reverse lookups using
the same cache file etc.
To enable the ASN feature you must either use the '-B' command line switch,
or the 'ASNDB' configuration keyword. If no DB file is specified, no
attempts to perform ASN lookups will be done.
Note, that you also have to enable the DNS feature if you enable ASN
lookups ('-D' or 'DNSCache, see DNS.README) unless you specify use the
ASNWithoutDNS (-b) option (see hint 2 below).
Hint 1:
If you want reliable results or you see too much 'UNKNOWN' AS numbers
in the report, it is recommended that you disable hostname lookups
(HostnameLookups Off in your Apache configuration) and let The
Webalizer do the hostname lookups. That is because the hostnames
in the logfile may be outdated or unresolvable (e.g. dialup network
of ISPs that only have reverse DNS records) and then the ASN lookups
give you wrong or 'UNKNOWN' AS numbers.
Hint 2:
If you are only interested in IP addresses and AS numbers then
you can speedup The Webalizer by disabling DNS lookups and using the
ASNWithoutDNS (-b) option. But remember: In this case the logfile
*must* only contain IP addresses but no hostnames!
Other options/configuration keywords related to the ASN feature are:
-O / TopASNs : Number of top AS numbers to be listed
-Z / ASNGraph : Supress AS number graph
AllASNs : Generate HTML page with all AS numbers
DumpASNs : Dump all AS numbers to a tab separated file (asn_YYYYMM.tab)
EXAMPLE
webalizer -c test.conf -N 10 -D dns_cache.db -B /var/local/asn_db /var/log/my_www_log
This will use the configuration file 'test.conf' to obtain normal
configuration options such as hostname and output directory... it
will use the DNS cache file 'dns_cache.db' (using 10 child processes)
in the default output directory and the ASN DB file '/var/local/asn_db'.
(Of course you can use the keywords DNSCache, DNSChildren and ASNDB in
the configuration file instead of using the options -D, -N and -B.)
DOWNLOADING AND UPDATING THE ASN DB FILE
The ASN DB file is in the Alligator database format (ADB), generated by
the Piranha/Alligator BGP route collector. Visit http://www.netlantis.org
for more information.
You can download a current ASN DB file from:
http://www.init7.net/webalizer_asn/alligator/webalizer_asn.adb.gz
It is recommended to update this ASN DB file weekly (e.g. with a cronjob).
You can use the script webalizer-update-asndb to do so.
CONSIDERATIONS
Processing of live log files is discouraged, as the chances of log records
being written between the time of ASN/DNS resolution and normal processing
will cause problems.
ASNDB-READER
When compiling The Webalizer the tool 'asndb-reader' will be created
in the source directory. You can use it to dump the content of the
ASN DB file or to lookup the AS number for an IP address or even process
a file with IP addresses. With this feature you can query the AS numbers
for list of IP addresses very fast.
CONTACT
Send bug reports, suggestions, comments to msteinacher@init7.net.
URL: http://www.init7.net/webalizer_asn/
COPYRIGHT
Copyright (C) 2003-2007 Marco Steinacher, Init Seven AG
webalizer-asn is free software.
See the file COPYING for copying conditions.
EOF
[Back] [text/plain]
|
