Re: linux gatewway traffic bandwidth monitoring by source, destination, protocol and port

Michael Heiming wrote: 
In comp.os.linux.networking airdog <john@xxxxxxxxx>:

On Sun, 25 Dec 2005 11:55:01 +1100, Jesus M. Salvo Jr. wrote: 


[ top posting fixed }


I have a linux gateway that has 2 ADSL modems, does IP and VPN masquerading,
so that all traffic on the local network goes through this gateway.

I want to find out:
*) Which machine in the local LAN is consuming the ADSL bandwidth
*) Which external IP does most of the internal machines consume ADSL
bandwidth for
*) Which protocol and port consumes the most ADSL bandwidth


[..]


Yes, try pmacct http://freshmeat.net/projects/pmacct/ 


It uses either postgres or mysql to keep records and you can agregate by
hosts, networks, source ip, dest ip, etc.



A little difficult to set up and the docs are not very good, but if you
succeed, it's worth it.


Ntop does NOT keep history. If you reboot, you loose the history. 


Err? Ntop has rrdtool support built in these days.


Those are both good suggestions.

We also use Shorewall's accounting features along with rrdtool to track this. It is less intensive than NTOP but requires that you know what you are trying to account for ahead of time.

Scott R. Haven
Sr. Systems Engineer
Paisley Systems Inc.
managed services, consulting, and support
www.paisleysystems.com
.