This can be accomplished using the netflow package and NTOP, this how
I use it at least and it works very well.
-Joel
On Jun 6, 2007, at 2:40 PM, Tim Nelson wrote:
WOW amazing timing. I just posted about monitoring traffic as well.
It appears you are looking to do actual packet capture, not just
seeing how much data flows through your box. It sounds crude, but
you could always throw a hub (not a switch...) on the interface you
want to capture and run Wireshark directly...
Tim Nelson
Technical Consultant
Rockbochs Inc.
Anderson Carli wrote:
Hi all!
I´m trying to monitor the traffic of my pfSense box. What I want
is to dump all WAN traffic to a host in my LAN.
Well, I achieve this using tcpdump, netcat and WireShark:
1. Capture all traffic with tcpdump and redirect to my host using
netcat
tcpdump -n -i fxp1 -w- | nc 192.168.0.1 4321 &
2. In the client host:
nc -L -p 4321 > c:\fxp1.log
3. Now I can open the fxp1.log file with WireShark and see all the
WAN traffic.
But I´m wondering if there is a better way to do the same thing
without netcat (using rpcap for example)
Cheers
Anderson
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
