From owner-freebsd-questions Mon Apr 15 16:14:28 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id QAA15502 for questions-outgoing; Mon, 15 Apr 1996 16:14:28 -0700 (PDT) Received: from tulpi.interconnect.com.au (root@tulpi.interconnect.com.au [192.189.54.18]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id QAA15493 for ; Mon, 15 Apr 1996 16:14:26 -0700 (PDT) Received: (from ahill@localhost) by tulpi.interconnect.com.au id JAA14244 (8.7.4/IDA-1.6); Tue, 16 Apr 1996 09:14:13 +1000 (EST) Date: Tue, 16 Apr 1996 09:14:12 +1000 (EST) From: Anthony Hill To: Christian cc: questions@FreeBSD.org Subject: Re: Monitoring traffic between two sites, How?? In-Reply-To: <22A5500500@mercury.csg.peachnet.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-questions@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk On Mon, 15 Apr 1996, Christian wrote: > Hi, > > I was wondering if there is anyway to use FreeBSD to monitor > traffic between two sites. I wan to be able to see how many users > from certain ip addresses on our network are connected to another ip > address. If possible I would also like to know, the duration of each > session, and what port the users are connected to on the other end. > Is this possible using FreeBSD and/or some freely available tools? Well you could get the raw data with tcpdump (which is part of the distribution), although it would be a bit cryptic. Perhaps someone knows of something that would process the output of tcpdump into something a bit more readable.