Date: Wed, 29 Nov 2000 18:39:30 -0700 (MST) From: Diana Eichert <deichert@wrench.com> To: Rowan Crowe <rowan@sensation.net.au> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: tcpdump & user-ppp/tunX. Ethereal ? Message-ID: <Pine.GSO.4.10.10011291828020.12719-100000@inago.swcp.com> In-Reply-To: <Pine.BSF.4.21.0011301206020.55961-100000@velvet.sensation.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Since FreeBSD also support IP Filter you could look at: "IP Accounting Package for Darren Reed's IP Filter" from http://www2.empnet.com/ipacct/ BTW, you can now build a command line version of Ethereal called tethereal without having to build all of Ethereal. diana On Thu, 30 Nov 2000, Rowan Crowe wrote: > I don't run X on any of my machines (especially the little 486dx2-66 I > want to track traffic on!) so it's not really an option... > > Some time ago I wrote a program which accepted the output from tcpdump and > generated 4 lists ordered by: > > source port > destination port > source IP > destination IP > > In this way it was very easy to be able to see where content was coming > from, how much HTTP or SMTP traffic was coming in, which customer is > receiving the most traffic, etc. I've included a sample output below. > > This program makes use of the apparent -e "packet size" parameter which I > later discovered is not guaranteed; it works fine on 2.2.8 systems but of > course breaks on later versions of tcpdump which output things a little > differently. Another limitation is that it only handles UDP and TCP > packets, and quietly ignores anything else. > > I want to adapt this program to a 3.x system. Perhaps it's time to hack > tcpdump. :-) > > Thanks for the suggestion. > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.10.10011291828020.12719-100000>