PF + ALTQ - Bandwidth per customer
david_5073 at yahoo.com
Sat Dec 13 05:29:16 PST 2008
Well, have you run tcpdump on a network with 200Mb/s? The function is
performed in the kernel, so its a lot more efficient than tcpdump.
The monitor sorts by usage, so you can see which connection, IP or MAC
is using the most traffic. When you're getting DOS attacked or have a worm
you can find your problems instantly. It doesn't show each packet; it
provides a listing of each connection, sorted from high to low usage. You
can also use rules as filters, so you can quickly create complex filters.
Turning tcpdump on a production shaper isn't an option.
--- On Mon, 12/1/08, Stanislav Sedov <stas at FreeBSD.org> wrote:
> From: Stanislav Sedov <stas at FreeBSD.org>
> Subject: Re: PF + ALTQ - Bandwidth per customer
> To: david_5073 at yahoo.com
> Cc: freebsd-isp at freebsd.org, "Sebastian Tymków" <sebastian.tymkow at gmail.com>, "Marcello Barreto" <marcello at linconet.com.br>, freebsd-pf at freebsd.org
> Date: Monday, December 1, 2008, 5:23 PM
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On Sat, 29 Nov 2008 08:26:57 -0800 (PST)
> David Roseman <david_5073 at yahoo.com> mentioned:
> > It also has a traffic monitor that is indispensable in
> tracking down
> > DOS attacks, worms and out of control servers. I'd
> pay $500. just for the monitor. I have a problem, I fire up
> the monitor and bingo, I find the
> > problem. I think you can buy the lowest priced license
> and still use the
> > monitor and gather statistics no matter how large your
> network is.
> How does this traffic monitor differ from tcpdump? From
> pictures it looks like
> just a web-interface for tcpdump and nothing more...
> - --
> Stanislav Sedov
> -----BEGIN PGP SIGNATURE-----
> -----END PGP SIGNATURE-----
> freebsd-isp at freebsd.org mailing list
> To unsubscribe, send any mail to
> "freebsd-isp-unsubscribe at freebsd.org"
More information about the freebsd-isp