[clug] IP network traffic monitoring
Mark Davis
mdavis at perform.net.au
Wed Sep 14 01:45:42 GMT 2005
If it's not too much hassle, why not try a mix of iptables (or chains) and
mrtg ?
- Mark
On 14/9/05 11:27 AM, "Tony and Robyn Lewis" <beakysnugger at yahoo.co.uk>
wrote:
> I am a paranoid bunny. I want a tool that will sniff my internet-facing
> interface, and store "flow" information (source/dest IP/port, time,
> proto, packet/byte count). Does such a beast exist as a debian package,
> or any other package?
>
> I know there are lots of network monitoring stuff (been through
> http://packages.debian.org/testing/net) but nothing that can do graphs
> and/or reporting by that resolution.
>
> The nearest I can find is something like pmacct, or ulog-acctd, and
> pumping that into a database/file and then having a web front end to
> generate graphs. But I'd love to find something already rolled.
> flow-tools comes close if I can find something that will generate
> netflow data.
>
> My underlying requirement is this: I use cacti, and it reported to me
> last night that my upload was maxed out between around 3am to 6am. I
> don't know why. I've checked the logs for the apps that operate on the
> ports I have open, and nothing jumps out, and so I'm a little stumped
> and curious/nervous. Some monitoring tool like this would help.
>
> Tony Lewis
More information about the linux
mailing list