traffic analysis tools

bsd bsd at todoo.biz
Fri Oct 27 16:00:48 UTC 2006 

Le 21 oct. 06 à 16:19, Michael P. Soulier a écrit :

> Hey people,
>
> I'd like something to look at traffic use through my gateway, so I  
> know how
> much of my upload bandwidth and download bandwidth is in use at any  
> time.

This could be donne very easily withe cacti :

--> Activate SNMP on your gateway
--> Log into cacti
--> Select Devices and create a new one corresponding to your gateway
--> Select a Host Template of type ucd/net SNMP host
--> Add graph template
--> Add data query of type "SNMP - interface statistics"

This should be very easy.
For security purpose reduce the IP range of allowed hosts in the  
snmpd.conf

> Ideally it'll tell me from where, so I can look at internal  
> abusers, or get an
> idea of where hits are coming from.
>

If your PC's are connected to a switch, activate SNMP and monitor It  
the same way.
Otherwise you'll have to go into deeper configuration of cacti and  
script the solution to monitor load per IP.

Another solution would be to Monitor global bandwith and log into  
your gateway once you encounter congestion and have a little command  
like that showing whom the nasty guys are :

# netstat -an | less



If your gateway is not a FreeBSD - let us know because things could  
be very different.

> Off the top of my head, I can think of two tools.
>
> 1. ntop - great web interface, but I've found it unstable
> 2. iptraf - good curses interface, but I'm looking for trend  
> monitoring
> 3. mrtg - as I'm running snmp, so I could just monitor it from a  
> desktop
> running mrtg...
>
> Any other suggestions?
>
> Thanks,
> Mike

________________________________________________
«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Gregober ---> PGP ID --> 0x1BA3C2FD
bsd @at@ todoo.biz
________________________________________________
«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

P "Please consider your environmental responsibility before printing  
this e-mail"

More information about the freebsd-questions mailing list