I currently use a 3G (cell-based) Internet service (no access to WiMax,
cable or DSL), and excess usage charges can quickly build up. I am hoping
that ntop will help identify me hosts that I should cache locally or
block, but need to capture traffic over an extended period of time.
I installed and am successfully running ntop 3.3 on an Ubuntu 8.10 server
that manages the 3G modem. Remote websites come and go from the All
Protocols/Traffic list and Utils/Dump Data. When a website becomes active
again, byte counters appear to be reset. The mailing list suggests using
--sticky-hosts and activating the RRD plug-in, but these steps did not
seem to change how ntop works. I did see one post that suggested
--sticky-hosts was not effective for remote hosts. I wrote code to invoke
Utils/Dump Data periodically and build a composite traffic table. Over a
6 hour period yesterday, I captured data from 517 hosts, well below the
default 8192 Max Hashes.
Any guidance would be greatly appreciated! I realise I am trying to use
ntop in a fashion for which it was not designed.
Thanks, Norbert
PS. Great tool! The amount of information it provides is amazing.
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
