From owner-freebsd-net@FreeBSD.ORG Wed Jan 26 10:12:34 2005 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 578D116A514 for ; Wed, 26 Jan 2005 10:12:34 +0000 (GMT) Received: from mail.astra-sw.com (mail.astra-sw.com [82.140.87.237]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3224C43D2D for ; Wed, 26 Jan 2005 10:12:33 +0000 (GMT) (envelope-from Nickolay.Kritsky@astra-sw.com) Received: from exchange.stardevelopers4msi.com ([192.168.64.10]) j0IBYbQA043061 for ; Tue, 18 Jan 2005 14:34:37 +0300 (MSK) X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 Content-Class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="WINDOWS-1250" Content-Transfer-Encoding: quoted-printable Date: Tue, 18 Jan 2005 14:36:29 +0300 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Network accounting thread-index: AcT80LFoSUWCz4YPSgGiCtgrIeCPngAgO1eg From: "Nickolay Kritsky" To: "Andrew Seguin" , Subject: RE: Network accounting X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jan 2005 10:12:34 -0000 I am using trafd and I am quite happy with it, if I dump internal tables = to disk often enough. Nick -----Original Message----- From: Andrew Seguin [mailto:asegu@borgtech.ca] Sent: Monday, January 17, 2005 11:11 PM To: freebsd-net@freebsd.org Subject: Network accounting I=92ve searched Google, I=92ve searched through the FreeBSD-net archives = and have gotten a few leads to what I=92m seeking, but unfortunately, = nothing solid enough for me to go off of (so yes, I=92ve been doing some = homework first! ;) ) =20 But, here=92s my situation. A dedicated FreeBSD transparent = firewall-bridge with 3 NICs (two for the bridge w/o IP, one for console). I=92m using = IPFW for the firewall, and at the moment I=92m doing some very bare-bones = statistics via a couple of count rules. I track abusive users through random usage = of TCPDump (when I feel like it basically). =20 However, I have some heavy downloader=92s on the campus so I want to do = deep statistics gathering. Mainly, how much is (daily/weekly/monthly) the = traffic by IP address and independently the traffic by service (HTTP/SMTP). =20 So my research seems to indicate that the best is to use something to generate netflow data (Maybe IPCad?). However, I sort of feel that=92s a = bit heavy for my needs, I=92d have only one source of data collection. But = it=92s not like I=92m tight in processor power nor hard disk space and I even = have a second server already running web/Mysql under my control. I have a small list of tools, but it all leads up to my question. =20 I therefore ask out to the list, what recommendations for traffic accounting/statistics gathering can you give me? --=20 No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.6.13 - Release Date: 1/16/2005 =20 _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"