monitoring IP traffic

Les Mikesell lesmikesell at gmail.com
Sat Aug 20 13:22:27 UTC 2005


On Sat, 2005-08-20 at 08:10, Claude Jones wrote:
> On Saturday 20 August 2005 8:58 am, Thomas Springer wrote:
> >
> > iptraf     (8)  - Interactive Colorful IP LAN Monitor
> > iptstate   (8)  - A top-like display of IP Tables state table entries
> >
> >
> Thanks, Thomas. Sometimes it helps to ask the right question. I never knew 
> about either of these utilities. They are exactly what I was looking for. 

You might also like ethereal, which gives you a realtime view and
packet capture.  You can run it in a remote X window if you
ssh -X firewall_machine, then specify 'not your_IP' in the
capture filter to exclude the traffic you are generating
yourself on the viewing connection (the filter syntax is the
same as tcpdump's).

Also very handy is ntop (http://www.ntop.org).  You can leave
it running then view the traffic summarized over time in various
ways through a nice web interface.  It is good to find which hosts
are generating which kinds of traffic, and then you can use
ethereal if you want to see something specific in real time.

-- 
   Les Mikesell
    lesmikesell at gmail.com
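
The self-traffic exclusion described in the message above, as an added example that is not part of the original post: a POSIX shell function that builds the capture filter from the SSH_CONNECTION variable set by OpenSSH. It goes beyond the post by also offering a narrower "session" form that hides only the ssh connection itself; the function name and the eth0 interface are assumptions.

```shell
#!/bin/sh
# Added example. sshd exports SSH_CONNECTION as
#   "client_ip client_port server_ip server_port"
# for every login, including the one carrying the forwarded X11 display.

# self_exclude_filter MODE [CONNECTION]   (hypothetical helper name)
#   host    : hide all traffic to or from the viewing machine (as in the post)
#   session : hide only the TCP connection that carries this ssh login
# CONNECTION defaults to $SSH_CONNECTION; the argument exists for testing.
self_exclude_filter() {
    mode=$1
    conn=${2-${SSH_CONNECTION-}}
    IFS=' ' read -r cip cport sip sport extra <<EOF
$conn
EOF
    # Require exactly four fields.
    if [ -z "$sport" ] || [ -n "$extra" ]; then
        echo "self_exclude_filter: not inside an ssh session" >&2
        return 1
    fi
    # IPv6 link-local addresses may carry a %zone suffix; keep the address only.
    cip=${cip%%\%*}
    sip=${sip%%\%*}
    # The values end up inside a filter expression, so allow only address
    # and port characters.
    case $cip$sip in *[!0-9A-Fa-f.:]*) echo "bad address" >&2; return 1 ;; esac
    case $cport$sport in *[!0-9]*) echo "bad port" >&2; return 1 ;; esac
    case $mode in
        host)    printf 'not host %s\n' "$cip" ;;
        session) printf 'not (tcp and host %s and port %s and host %s and port %s)\n' \
                     "$cip" "$cport" "$sip" "$sport" ;;
        *)       echo "usage: self_exclude_filter host|session" >&2; return 1 ;;
    esac
}

# Typical use on the firewall (eth0 is an assumed interface name):
#   tcpdump -n -i eth0 "$(self_exclude_filter session)"
```

The "session" form keeps other traffic from the viewing workstation visible in the capture, which matters when that workstation is itself one of the hosts being investigated.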




