Date: Thu, 3 Jun 1999 10:40:14 +1000 (EST) From: Enno Davids <nconedd@mensa.national.com.au> To: rowan@sensation.net.au (Rowan Crowe) Cc: freebsd-isp@FreeBSD.ORG Subject: Re: monitoring at the packet level Message-ID: <199906030040.KAA00543@mensa.national.com.au> In-Reply-To: <Pine.BSF.4.01.9906022024580.2604-100000@velvet.sensation.net.au> from "Rowan Crowe" at Jun 2, 99 08:32:00 pm
next in thread | previous in thread | raw e-mail | index | archive | help
| | Hi all, | | I am currently working on a monitoring system which does more than simple | byte counting, it instead monitors connections. Output can be sorted by | most popular source host, most popular destination host, most popular | source port, most popular destination port. | | As it's just a test of concept right now, it's basically tcpdump piped to | a program that converts the ASCII output into binary form for its own | internal use. (As a bonus this makes it a little portable, assuming the | target platform has a similar tcpdump) perhaps you'd be better off modifying 'ntop' which already does the src/dest address stuff you're talking about (and can split out by transport - i.e. TCP, UDP and ICMP). Cheers, Enno. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906030040.KAA00543>