[PLUG] Network monitoring tool?

Derek Loree derek at infotects.com
Thu May 16 20:27:18 UTC 2002


On Wed, 2002-05-15 at 21:26, John Meissen wrote:
> 
> I have a Linux gateway configured at a friend's house. It runs
> DHCP and provides NAT services for the internal network. The
> internal network consists of three or four Macs, several Windows
> desktops and notebooks and an occasional Linux machine.
> 
> I'm running MRTG on it so we can monitor the state of the external
> connection (an 802.11b link with a pair of Cisco bridges). Sometimes,
> late at night when there should be no one up, I see significant
> increases in both inbound and outbound traffic. The last episode
> started at 10PM and ran at a pretty steady rate until almost
> exactly noon the next day (a school day, no one should have been
> home).
> 
> I'm monitoring both NICs, so I can see that the traffic is flowing
> through the Linux machine to/from someplace on the LAN. What I
> need to do is isolate which machine is doing it.
> 
> Is there any tool that can give me NAT statistics, so I can monitor
> traffic flow based on the internal IP addresses? I've found a
> lot of tools that will do state monitoring of systems, but so
> far nothing that will give me what I need.
I use iptraf on my lrp boxes, it pairs up the NAT portion of the
connection with the internet portion of the connection, and it is text
based, so it fits on the one floppy with the rest of the router.

Good Luck

Derek Loree





More information about the PLUG mailing list