Date: Thu, 14 Dec 2000 13:48:08 -0600
From: Matt Schlosser <mschlosser@eschelon.com>
To: 'Joe Oliveiro' <joe@advancewebhosting.com>
Cc: "'freebsd-questions@freebsd.org'" <freebsd-questions@freebsd.org>
Subject: RE: Bandwidth Monitoring
Message-ID: <C1781C38F13DA040848FEFAD07311B105ECE46@walleye.corp.fishnet.com>

You can set up tcpdump to dump all the packet headers into a big log file that is rotated when it is a certain size, then have a parser chew through the log files as they rotate and create the reports. As far as generating the graphs, you'll have to get someone else, but you can write a Perl script to easily tear through the logs to get a final value if you have the horsepower on the computer.

We did this at a place I used to work, but instead of tracking bandwidth, we'd watch for exploit attempts on other machines and then trigger a grep on the tcpdump logs that pulled out all the traffic for the exploit attempt. The machine was FreeBSD 3.4 with a 233 MHz PII, 64 megs of RAM and a 4 gig HD. Nothing running on it except sshd, tcpdump, and ipfw.

Oh, and a big sandbox behind port 23 that we all re-created binaries for that did nothing except print phoney output to the screen. Wanna do an ls? You always get the same output. cd /wherever worked but didn't put you there; instead pwd would spit back whatever you put into cd. It was a lot of fun to build, and I think it's still running.

---
Matthew Schlosser
Systems Administrator
Eschelon Telecom, Inc.
Phone: 612/436-6045
E-Mail: mschlosser@eschelon.com
General Help or Questions: sysadmin@eschelon.com

-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG] On Behalf Of Joe Oliveiro
Sent: Thursday, December 14, 2000 1:36 PM
To: freebsd-questions@FreeBSD.ORG
Subject: Bandwidth Monitoring

I have a 3Com switch which is broadcasting all network traffic to the port that my computer is plugged into, so I can see all network traffic. I have multiple class C's which are in use by computers on the network. Most of these computers are not running SNMPD. I would like to create a bandwidth usage graph per IP on the network, so each IP address will have its own graph.

These graphs can't be done via mrtg since not every computer has the SNMPD running and the task of installing it is not possible. Is there a program which will sniff/sample network traffic and create this graph that I am looking for? IE: sample/sniff traffic to/from an IP address and create a graph based on this information?

Microsoft: "Where would you like to go to today"
Linux: "Where would you like to go tomorrow"
FreeBSD: "Hey, when are you guys going to catch up"

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
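An added example, not part of the original messages: one way to write the log parser described in the reply, in Python rather than the Perl the post mentions. It assumes the rotated files are binary captures written with `tcpdump -w` on Ethernet with a short snaplen; the function names and the sample capture (documentation addresses) are constructed for illustration.

```python
import struct
from collections import Counter

ETH_LEN, ETHERTYPE_IPV4 = 14, 0x0800  # Ethernet II header size, IPv4 ethertype

def bytes_per_ip(pcap: bytes) -> Counter:
    """Sum the IPv4 total-length field per address (sent + received) over one pcap file."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None or len(pcap) < 24:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    totals, off = Counter(), 24
    while off + 16 <= len(pcap):
        caplen = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        if off + 16 + caplen > len(pcap):
            break  # last record cut short, e.g. the file is still being written
        frame, off = pcap[off + 16:off + 16 + caplen], off + 16 + caplen
        # Headers are enough: the real packet size comes from the IP header,
        # so a header-only capture still gives correct byte counts.
        if len(frame) < ETH_LEN + 20 or frame[12:14] != struct.pack("!H", ETHERTYPE_IPV4):
            continue  # non-IPv4 (ARP, VLAN-tagged, ...) is skipped
        ip = frame[ETH_LEN:ETH_LEN + 20]
        total_len = struct.unpack("!H", ip[2:4])[0]
        for addr in (ip[12:16], ip[16:20]):  # source, then destination
            totals[".".join(map(str, addr))] += total_len
    return totals

def sample_pcap() -> bytes:
    """Constructed capture: three header-only IPv4 frames, snaplen 68."""
    def record(src, dst, total_len):
        eth = b"\x00" * 12 + struct.pack("!H", ETHERTYPE_IPV4)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, 6, 0,
                         bytes(map(int, src.split("."))),
                         bytes(map(int, dst.split("."))))
        data = eth + ip
        return struct.pack("<IIII", 0, 0, len(data), ETH_LEN + total_len) + data
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 68, 1)
    return (header
            + record("192.0.2.10", "198.51.100.5", 1500)
            + record("198.51.100.5", "192.0.2.10", 40)
            + record("192.0.2.20", "198.51.100.5", 600))

if __name__ == "__main__":
    for addr, count in bytes_per_ip(sample_pcap()).most_common():
        print(f"{addr:15s} {count} bytes")
```

Run over each rotated file in turn and add the counters together to get per-interval totals for graphing.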