The Status Menu¶
In this page you find:
The status menu provides a set of pages that display information in both textual and graphic views about various daemons and services running on the UTM. No configuration option is available in this module, which only shows the current and recent status of the UTM.
The following items appear in the sub-menu on the left-hand side of the screen, each giving detailed status information on some functionalities of the UTM:
System status - current status of services, resources, uptime, kernel.
Network status - configuration of network interfaces, routing table, ARP cache.
System graphs - graphs of resource usage.
Traffic Graphs - graphs of bandwidth usage.
Proxy graphs - graph of HTTP proxy access statistics.
Connections - list of all open TCP/IP connections.
OpenVPN connections - list of all OpenVPN connections.
SMTP mail statistics - graphs about the SMTP service.
Mail queue - SMTP server’s mail queue.
Wireless status - list of users connected through the Wireless module (only for Hardware appliance with Wireless module)
System status¶
This page gives a number of information about the running system, organised into three boxes: General information, Disks, and Memory In more details, these are the information presented in each box, which are usually the output of a Linux command. The boxes can be expanded and collapsed by clicking on the or icons, respectively.
Changed in version 6.0: This page has completely been redesigned and its content rearranged.
Changed in version 6.0: Information about the services has been moved to its own section.
General information
This section contains information about basic characteristics of the UTM:
Machine. The CPU model and clock frequency.
Architecture. The architecture of the appliance, which on Endian appliance is 64 bit (
x86_64
). It may be different on virtual or software appliances installed on non-Intel CPUs.Release. The version of the Endian software installed on the Appliance.
Uptime. How much time has passed since the last boot of the UTM.
Kernel version. The version of the Linux kernel installed on the UTM.
Disks
The information contained in this box are the same as those seen in the dashboard’s Disks Plugin (Menubar ‣ System ‣ Dashboard).
Memory
The information contained in this box are the same as those seen in the dashboard’s Memory Plugin (Menubar ‣ System ‣ Dashboard).
Network status¶
This page contains several information about the running state of the network interfaces. Three boxes are present on the page: Interfaces, Routing table entries, and the ARP table entries. In more details, these are the information presented in each box, which are usually the output of a Linux command. The boxes can be expanded and collapsed by clicking on the or icons, respectively.
Interfaces
The first box uses the output of the ip addr show command to provide for each network interface the status -either UP or DOWN, the assigned IP address, and additional communication parameters like the amount of the received and sent traffic and the number of possible errors or dropped packets. The NIC shown are either Ethernet interfaces or bridges, while VLANs and bonded network interfaces are not shown.
Routing table entries
The kernel routing table, as provided by the route -n
command. Typically, there should be one line per active interface,
which correctly routes the traffic within the zones served by the
UTM, plus a default route (recognisable by the
0.0.0.0/0.0.0.0
Destination field) that allow the
traffic to reach the Internet.
There can be more than one entry per interface in the case of the default gateway or in case some special host in one local network acts as gateway to another local network that is not directly served by the UTM.
ARP table entries
In the last box data about the arp table, extracted from the output of the arp -n command, are displayed. For each entry, the IP address is shown, along with its corresponding MAC address and device.
Services status¶
Services
This box shows the status of each service installed on the UTM, marked as either STOPPED or RUNNING. A click on the Log button on the right of the status will open a panel underneath to see the service’s detailed status, according to the systemctl status <servicename> command.
System graphs¶
The graphs displayed in this page present the usage of the following CPU, memory, and swap resources, each in a different box that can be minimised or expanded by clicking on the and icons.
Each graph uses colours, explained in the legend, to highlight its various components of the resource, and shows a summary of the minimum, maximum, average, and current values of each resource.
Note
The nan (short for “Not A Number”) string that is
sometimes displayed in the summaries means that not enough data
have been collected to calculate the usage of the selected
resource. It can appear for example in the Usage per
Year
graphs when the UTM has been used for only a few
weeks.
In detail, the three boxes in the main page display the following information.
CPU graph
This box shows the CPU usage of the UTM, grouped into the sum of CPU time per status of the processes.
Memory graph
These graphs show the RAM memory usage.
Swap graph
The usage of the swap area, located on the hard disk, is displayed in this box.
See also
A good description of the linux memory management can be found here.
Traffic graphs¶
Changed in version 6.0: New layout
Network traffic graphs
This page initially contains a single option.
- Interface
Select from the drop down menu the interface whose traffic should be shown.
Note
Only one interface at a time is allowed.
Once the interface or bridge has been selected, five graphs of the selected interface will appear, displaying traffic of the last hour, day, week, month, and year.
Below each graph, the summary of the average, maximum, and current amount of data transmitted and received is displayed.
Proxy graphs¶
The access statistics of the HTTP proxy during the last 24 hours are
shown here. There are no graphs in this page if the HTTP proxy service
in not active and has never been enabled: In those cases, instead of
the graphs, in the boxes appears the string No information
available
.
However, if the service has been running even for a short period during the last year, the data produced are still accessible by clicking on the graph. Similarly to the other graphs, statistics are shown for the last day, week, month, and year. In this page, a click on the BACK hyperlink on the bottom allows to go back to the main page.
Note
To show the proxy graphs, HTTP proxy logging must be enabled under Proxy ‣ HTTP ‣ Configuration ‣ Log settings, by ticking the Enable logging checkbox. Also queried terms and useragents can be logged to produce more detailed logs and graphs.
After the HTTP proxy has been enabled, the four boxes show the following data:
Total traffic per day: the amount of data flown through the UTM’s proxy service. In green is show the outgoing traffic, while in blue the incoming traffic.
Total Accesses per Day. The number of HTTP requests, depicted in blue, received by the UTM.
Cache hits per day. The number of cache data requested.
Cache hits ratio over 5 minutes per day. The number of cache data requested during a five minutes period.
Connections¶
Connections
This page shows a table containing the list of current connections from, to, or going through the UTM. The data shown here are devised by the kernel conntrack table. The following colours are employed in the table and used as the background of the cells in the table to denote the source and destination of the connection.
Green, red, orange, and blue are the zones governed by the UTM.
Black is used for connections involving the firewall, including daemons and services, like e.g., SSH or web accesses).
Purple shows connections using VPN or IPsec.
The data displayed in the table are the following.
- Source IP
The IP address from which the connection has started.
- Port
The port from which the connection has started.
- Destination IP
The destination IP of the connection.
- Port
The destination port of the connection.
- Protocol
The protocol used in the connection, which is typically tcp or udp.
- Status
The current status of the connection, meaningful only for TCP connections. They are defined in RFC 793, significant states are ESTABLISHED (connection is active), TIME_WAIT (connection is closing) CLOSE (no connection).
- Expired
How long will the connection remain in that particular status.
Note
To refresh the page, click on the icon located on the top right corner of the table.
VPN connections¶
This page shows the users connected to the UTM using a VPN, either OpenVPN or IPsec. The table shows the following information about them:
The username which the client uses for the connection.
The service they rely on for the connection (OpenVPN, L2TP, IPsec Xauth and so on).
The time when the connection started (Connected since).
The Assigned IP of the client.
The Remote IP of the client.
The possible Actions that can be carried out on the connection, which currently is only to forcibly disconnect the client.
SMTP mail statistics¶
Four boxes appear on this page, showing graphs about the email sent by the local SMTP server on the UTM for the current day, week, month, and year.
Note
The SMTP graphs are not reproduced on the Mini Appliances, since they require too many resources.
Like in the case of the Proxy Graphs, if the SMTP Proxy has never
been enabled, the No information available
string will be
displayed instead of the graphs.
Each box contains two graphs, both of which present on the y-axis the number of e-mail per minute and on the x-axis the time, whose unit of measure changes according to the type of graph: A two hours span in the Day graphs, one day in the week graphs, one week in the Month graphs and one month in the year graphs.
The graph on the top shows a summary of the number of message per minute sent (in blue) or received (in green) by the UTM.
The graph at the bottom can be seen as a more fine-grained version of the other graph, since it displays the e-mails that have been rejected (in red) or bounced (in black), those that have been intercepted because they contain viruses (in yellow), and those that have been recognised as spam (in grey).
Below each graph, there are also textual information concerning each category of email (sent, received, rejected, bounced, virus, and spam) about the total number, the average, and the highest number of e-mail (“msgs”) processed, plus the timestamp (date and time) of the latest update to the page.
Note
The nan (short for “Not A Number”) string that is sometimes displayed in the summaries means that there not enough data have been collected to calculate the usage of the selected resource.
Mail queue¶
When the SMTP proxy is enabled, this page shows the current e-mail
queue. With no e-mails in the queue, the message Mail queue
is empty
is displayed, but when some e-mail is there, it is possible
to flush the queue (i.e., send immediately the email in the queue) by
clicking on the Flush mail queue button.
With the SMTP proxy disabled, the message The SMTP proxy is
currently disabled. Therefore no information is available.
is shown.