Re: [tcpdump-workers] remote capturing using tcpdump

On Wed, Oct 6, 2010, Aaron Turner said: > On Wed, Oct 6, 2010 at 6:19 AM, Ankith Agarwal wrote: >> >> Hi >> �Is there any solution for reporting the captured packets to a remote >> user through the same or another interface. Actually I need to remotely >> monitor a machines' incoming and outgo

Re: [tcpdump-workers] bandwidth by user or process id

On Wed, Oct 06, 2010 at 01:30:14AM -0700, Patrick Kurz wrote: > I was also slightly concerned about short-lived connections. But if the > measured > bandwidth is accurate by 10%, it is sufficient for my use case. > What kind of applications do in general create such short-lived connections > and

Re: [tcpdump-workers] remote capturing using tcpdump

On Wed, Oct 6, 2010 at 6:19 AM, Ankith Agarwal wrote: > > Hi >  Is there any solution for reporting the captured packets to a remote > user through the same or another interface. Actually I need to remotely > monitor a machines' incoming and outgoing packets. Typical way is via a SPAN port on a s

[tcpdump-workers] remote capturing using tcpdump

Hi Is there any solution for reporting the captured packets to a remote user through the same or another interface. Actually I need to remotely monitor a machines' incoming and outgoing packets. Regards Ankith -- This message has been scanned for viruses and dangerous content by MailScanner,

Re: [tcpdump-workers] bandwidth by user or process id

On Wed, Oct 6, 2010 at 8:47 AM, Rob Hasselbaum wrote: > On Tue, Oct 5, 2010 at 1:53 PM, Phil Vandry wrote: > >> On Mon, 4 Oct 2010 09:51:39 -0400 Rob Hasselbaum >> wrote: >> > Yes, it is possible (on Linux, anyway), but not extremely easy. You can >> > correlate packet data to the kernel's netw

Re: [tcpdump-workers] bandwidth by user or process id

On Tue, Oct 5, 2010 at 1:53 PM, Phil Vandry wrote: > On Mon, 4 Oct 2010 09:51:39 -0400 Rob Hasselbaum > wrote: > > Yes, it is possible (on Linux, anyway), but not extremely easy. You can > > correlate packet data to the kernel's network connection table and > network > > connections to inode val

Re: [tcpdump-workers] bandwidth by user or process id

hi, On Wed, Oct 06, 2010 at 01:29:58AM -0700, Patrick Kurz wrote: > Let's say 10 users transfer large amounts of data through ssh at the same > time. > I assume in this situation 10 different processes would share the same > socket, They won't. This (normally) only happens for server process

Re: [tcpdump-workers] bandwidth by user or process id

2010/10/6 Patrick Kurz : > > > - Original Message >> From: Phil Vandry >> To: Rob Hasselbaum >> Cc: tcpdump-workers@lists.tcpdump.org >> Sent: Tue, October 5, 2010 7:53:16 PM >> Subject: Re: [tcpdump-workers] bandwidth by user or process id >> >> On Mon, 4 Oct 2010 09:51:39 -0400 Rob Has

Re: [tcpdump-workers] bandwidth by user or process id

- Original Message > From: Gerald Combs > To: tcpdump-workers@lists.tcpdump.org > Cc: Rob Hasselbaum > Sent: Tue, October 5, 2010 8:14:57 PM > Subject: Re: [tcpdump-workers] bandwidth by user or process id > > You can also catch events using SystemTap's netdev.transmit and > netdev.re

Re: [tcpdump-workers] bandwidth by user or process id

- Original Message > From: Phil Vandry > To: Rob Hasselbaum > Cc: tcpdump-workers@lists.tcpdump.org > Sent: Tue, October 5, 2010 7:53:16 PM > Subject: Re: [tcpdump-workers] bandwidth by user or process id > > On Mon, 4 Oct 2010 09:51:39 -0400 Rob Hasselbaum wrote: > > Yes, it is pos

Re: [tcpdump-workers] bandwidth by user or process id

- Original Message > From: Rob Hasselbaum > To: tcpdump-workers@lists.tcpdump.org > Sent: Tue, October 5, 2010 4:07:14 PM > Subject: Re: [tcpdump-workers] bandwidth by user or process id > > Right, generally, the local or remote port will be different for different > PIDs even if the I