Mark Rogers wrote:
If I have a Linux box set up as my office gateway, is there any way I
can monitor traffic so that at periods of peak usage I can see which PC
on the LAN is using which bandwidth?
The problem I'm trying to solve is when bandwidth apparently drops to
(near) zero, is it because of a problem outside the office or because
one inside? Then, if the latter, which PC is causing the problem?
Traffic graphs like shown on IPCop will help me determine the answer to
the first question but then I'm stuck.
I'm not sure whether there are any nice, easy-to-use tools for this, but
I'm fairly sure that the IP accounting facilities in netfilter can log
the data you want if you have the relevant rules in your firewall
configuration. However, you may have to set them up the hard way by
using iptables directly. You might be able to find something in the
relevant HOWTOs.
As an alternative to all of this, if I have a Linux box on the network
(but not the gateway) can I sniff the LAN traffic to achieve the same
result?
Other people have already commented on the use of a managed switch. On
a switched network the hosts normally only see their own traffic. I
have heard rumours that there are some sneaky ways of fooling a dumb
switch into broadcasting traffic, but I don't know how it's done and I
imagine you would suffer a performance hit.
If you are going to monitor packets, I seem to recall that ethereal has
a good reputation as a packet sniffer.
Tony Cowderoy
http://www.mml-net.com
_______________________________________________
Peterboro mailing list
[email protected]
http://mailman.lug.org.uk/mailman/listinfo/peterboro
