Bandwidth Monitoring program

Julian Elischer jelischer at ironport.com
Wed Dec 6 16:53:40 PST 2006 

Benjamin D Adams wrote:
> On Wed, 2006-12-06 at 16:25 -0800, Julian Elischer wrote:
>   
>> Benjamin D Adams wrote:
>>     
>>> What my network looks like:
>>> 		NET
>>> 		 |
>>>              NAT/FIREWALL(2.1.24.34)
>>> 		 |
>>> 	/-----[ HUB ]----\    <---- put a cheap hub here
>>> 	|	|	  |
>>>    2.1.24.35   2.1.24.36  2.1.24.37
>>>
>>>       
>> if you place a cheap 100Mb hub in the location shown, then
>> you should be able to look at all traffic that is headed to the firewall
>> by listenning on .35
>>     
>
> Yes there is a SWITCH there, do you mean listen to port 35?  would I do
> a packet sniffer on 2.1.24.34 just port 35?
>   

go buy a $39.99 hub at your local electronics store (make sure it is a hub)

put it  in the location shown (see changed diagramm above).

listen on 2.1.24.35 using promiscuous mode..

even better, if you have 2 ethernet ports on your PC:

         [internet]
             |
         [Firewall]
             |
   /-------[HUB]
   |         |
   |    [current switch]-------\
   |      |        |           |
   |      |        |           |
   |      |        |           |
 [ 2.1.24.35]    [x.x.x.x.x]  [y.y.y.y.y]

set -arp , promisc and no address on the listenning port,
and you can listen on only traffic going to the firewall.

OR you may just make a TAP (only works for 10Mb/s and 100Mb/sec)
by following the instructions at:

http://www.sun.com/bigadmin/content/submitted/passive_ethernet_tap.html

and put it where the hub is above.


julian

>>
>>
>>     
>>> There is no DHCP, I don't think it is possablie to do this but I want to
>>> install a bandwidth monitoring program on 2.1.24.35.  That will monitor
>>> all traffic going through 2.1.24.34.  I installed bandwidthd but it's
>>> only local traffic I can't get all traffic through 2.1.24.34.  I think I
>>> need to but a middle man between NET and 2.1.24.34.  I don't have any
>>> more ips to use. 2.1.24.34 is a firewall like netgear, linksys, etc
>>> setup with NAT.
>>>
>>> What I see is I need to replace the NAT with something where I have a
>>> shell. I don't think it is possible with the current setup, but figured
>>> I would ask. Thanks for any help.
>>>
>>> Ben Adams
>>>
>>> \eebsd.org"
>>>

More information about the freebsd-net mailing list