My question here is:
Does a count of packets accuratly describe the ammount of bandwidth
consumed by a particular address?
Thanks,
Ron DuFresne
On Wed, 18 Oct 2000, Truman Boyes wrote:
> On Wed, 18 Oct 2000, Jacques Rautenbach wrote:
>
> > Hi All,
> > I am looking for a script that will work out the amount of traffic IP
> > adress's behind a gauntlet firewall on a Linux platform pull of the
> > internet. Preferably it should be accessed through a web interface and can
> > be adjsuted to reflect values over certain periods such as 24 hours,
> > monthly, yearly etc. The point being to finger out individual IP's that are
> > abusing bandwidth as we in SA pay huge amounts of money for bandwidth. I
> > have seen an interface like this before that had a "top 20" for the day and
> > then the history of each IP but I am unable to find it.
> >
> > Any help would be greatly appreciated.
> >
> > Regards
>
> You can easily do this with Sniffer Pro. There is a way to monitor up to
> 500 hosts, and the statistics (packets in/out) from each. I am sure with
> some nicely tuned scripts, you can do the same with tcpdump or ethereal.
>
> I have done this with Sniffer Pro, then exported the data as a comma
> seperated file. CSV files can be imported into Excel, where you can write
> some functions to SUM the data.
>
> If you have a mostly cisco network, you can setup NetFlow accounting. I
> have setup this up with a SUN Ultra5 doing the NetFlow Collection. This is
> very scalable and is probably the best bet for the long term.
>
> You might want to also look into using an application proxy where you can
> track each IP and how much data they retrieved.
>
> .truman.
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
