Networking :: Monitor A Router Traffic?
Jan 8, 2010is it possible to see the router traffic using a remote system? can those packet headers b modified for marking purpose?
View 5 Repliesis it possible to see the router traffic using a remote system? can those packet headers b modified for marking purpose?
View 5 RepliesI have a desktop, a laptop, & a wireless router. The router, unfortunately, doesn't support dd-wrt, tomato, etc firmware, but I would still like to prioritize voip/web browsing over bulk Internet traffic. I hope I can offload the router's missing QoS to my desktop.
Is it possible to have the laptop's connection go from the wall to the router to the desktop, where the desktop could perform the QoS of tomato, then continue on to the laptop? I'm a bit of a noob to networking (subnets?) but do well enough following good instructions.
As for the program that would do the QoS... Don't some Linux machines basically work as super-powered routers for businesses? So there must be some package but couldn't find one. The closest I got was wondershaper but it only shapes traffic for the computer on which it's installed; it might form part of the solution but falls short on its own. other devices should be able to access the Internet normally if the desktop is turned off, & work with other devices like a (jailbroken) iPod Touch.
I am looking for a solution for our LAN traffic monitoring and would like to use some opensource linux application. I have a linux box with two NIC cards and what I thought is the following: Our setup is as follows. Internet comes in through the router and into the firewall. From the firewall it goes into our switch and distributed among the workstations.
I have no access to the router or the firewall as they are centrally configured. I would like to place a device into the loop through which I could monitor the LAN traffic.
Can I put a linux box between the firewall and the switch and have all packets going through registered and logged? I have a proxy server (non transparent) and that captures some but not all. I would like to get all packets registered without interfering with the LAN etc.
In my "computer room" I have an ATT U-Verse TV decoder box and my computer connected to a Netgear Switch. The third port on the switch connects to the ATT router. I've just noticed that when I power on the U-Verse TV box I start getting a lot (200-250 KiB/s) of received packets on my Debian Lenny machine as shown in the System Monitor app. I don't show any outgoing traffic in response. That explains why the lights on the switch are blinking at the same rate for both devices. So, what, if anything, is this telling me? Is this normal, or is the ATT router spamming my Linux machine for some reason? Is this a potential problem?
Added: Or is this just telling me that the NetGear FS-105 is not actually an ethernet switch?
We have something on our network that is reaking havoc with our content filter. I am trying to track it down, but so far I have been unsuccessful. We have approximately 500 devices in 100+ different locations spread across 9 states. Looking at each computer is not really feasible.
I need a machine that can sit in between our network and our internet connection and graphically monitor in real time and logs how much traffic each device is sending and receiving. It would need to sit inline so it has to have two nics and be able to pass traffic. The machine also needs to be transparent. Reconfiguration of our routers or workstations is not an option.
I have used ethereal and wireshark before. Ethereal may be a viable option, but wireshark seems to provide lots of information, but no practical way to make use of it. how to set up the box to be a transparent device on the network that will allow internet bound traffic to flow (freely)?
How will I monitor the traffic of tun0 ?
View 5 Replies View RelatedI am using Debian 5 and I have some networking experience, however I want to learn to do this the best way possible. I have a Debian box with two nics and I want to connect that to a switch and use my Debian box as a router basically, as well as having a firewall setup within that too.
Should I use iptables to set up nat or the route command or what? I just want to know the group of tools to use in order to set up my network. Network diagram: Internet <------> Debian Box <----> switch <----> hosts I found some guides but they are for linux 2.4 and i'm not sure if they are right.
Is there a nice easy to use tool that displays (in KB/s) the internet traffic from every IP on a network?
Currently I'm using iptraf, but it's very hard to understand at times.
A little info on my network:
I'm using SNAT for internet sharing.
Is there an easy way to monitor network traffic? I want to make sure my kids are surfing safe...
View 5 Replies View RelatedI have a 2 machine LAN with both machines having an ethernet card and a wireless card. There is a Netgear router, both eth and WiFi, allowing both machines to access the internet.
On my Linux machine I am looking for some software that allows me to keep track of my broadband usage on that machine, excluding traffic between the two machines.
There are numerous such programmes for this in XP, which use Winpcap and a GUI frontend. The "other" machine on my LAN is XP and uses just such a program.
what I want to achieve is just to be able to say to who ever is killing our relatively fast connect that they aren't the only person using the network. Everyone just says "I hardly download anything." which is obviously untruthful as normally I can download at 1.5 MB/s but now loading even google.com takes way too long (same with pinging and all other sites). Once I do this, I can determine whether or not I need to call my ISP and do the long 'on hold' dance and "have you tried rebooting the router" BS.
View 8 Replies View Relatedis there a utility with which I can get the current traffice towards a given host, for example;
command 87.255.33.32
22000
Ubuntu system monitor applet doesn't show internet traffic although my wireless is working just fine. I use a conky to monitor bandwidth through vnstat and had no problem till I upgraded to maverick.
**ifconfig
wlan0 Link encap:Ethernet HWaddr 00:24:d2:c4:3e:da
inet adr:192.168.0.100 Bcast:192.168.0.255 Masque:255.255.255.0
adr inet6: fe80::224:d2ff:fec4:3eda/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
[Code]...
I am connected to a network with free traffic inside it and post-paid outer traffic. So I need a way to be able to separately monitor the download traffic from inside and outside the network. All the solutions I`ve found for now offer monitoring of ALL up/down traffic.
So, I want to get separate statistics on these:
1 — 81.89.188.0/23, 217.197.9.0/24
2. — 81.89.186.0/23
3. — 81.89.178.0/23
4. — 81.89.176.0/23
5. — 81.89.180.0/24
9. — 217.197.12.0/24
[Code]...
UPD: I`m connected to the internet through the network`s gate, so all the traffic comes through eth0. I wish to separate traffic incoming from the IPs on top from all other traffic
I wanted to know if i can install mrtg on a client computer in network and measure the network's router traffic.i know that it can be installed on the server.
View 5 Replies View RelatedI'm looking for a powerful network traffic monitor that can do all of the following (or at least a combination of tools that can do the following):
Tell me how much data was downloaded/uploaded on an interface this month and the previous month tell me how the traffic was used throughout the monthshow which internal IPs (IPs in the 192.168.1.0/24 network) used how much traffic show which ports/protocols on those IPs used all that traffic
Hhow LIVE traffic flow statistics that can tell me total speed of traffic going through an interface as well asshow which internal IPs (IPs in the 192.168.1.0/24 network) are using how much of the traffic show which ports/protocols on those IPs are using that traffic
This tool will run on a linux router through which all my internal PCs are connected to the Internet. This means the tool(s) need to work with NAT (traffic being forwarded and not necessarily destined for the interfaced being monitored).
The distribution being run doesn't have a package manager so any packages or dependencies have to be manually compiled and SCPed over file by file. For this reason, the tool/tools need to be simple (things like vnstat, not things like ntop that have their own web interface).
I know that vnstat can tell me the first bullet point so it's only there incase there's a tool out there that can do everything. If there's a tool that can only do the second or third bullet point, that's great too - I'll just keep using vnstat and look for something else to do the other task.
I am currently setting up a old box to serve as a general, quality router/fileserver that should give me fine control over my network traffic. This router will serve as the bridge between several local users and the Internet, along with quite a few machines.Traffic is expected to be heavy, in the sense of multiple powerusers using the Internet to the fullest, not from one machine doing anything insane like Torrenting. The connection profile will reflects lots of up and down, not necessarily a huge number of persistent connections.Due to security concerns, the need to build an encrypted tunnel between a SoHo LAN and a dedicated server is unescapable. I'm trying to determine whether I can pull this off with a simple SSH tunnel on the box serving as the local router, or if a VPN (either PPTP or L2TP) is a more appropriate solution.Proxying won't work, because not all apps can easily be socksified across the Windows, GNU/Linux, and OSX platforms that the users will need. For this reason, I have to pull this off strictly at the router level.
I'm not all that familiar with the specific details of each protocol's performance as far as their latency, efficiency, overhead, and fault-tolerance are concerned. I'm less concerned with a protocol taking up CPU as I am with useless bytes and latency it might be introducing to the link. I don't know the low-level nitty gritty of how each protocol encapsulates its traffic.If there is an existing package for this, it would be great, but at this point I'm simply trying to figure out which protocol is more appropriate before I begin digging in the wrong direction. The biggest concern, of course, is that the chosen protocol aggressively re-establish sessions should the connection suddenly drop, which will be a concern given the SoHo line I'll have to work with. The actual outbound server is no concern, as it has four cores and a Gbps line.
I get all my traffic from my router, as this computer seldom moves. So is there a use for a firewall?I am not sure, because when I scan my IP address with nmap, no matter what the changes I make in the firewall, it is always the same scan...cannot fingerprint OS...and all closed ports.The all closed ports thing only changes when i torrent, then i get a wide open port.
View 14 Replies View RelatedI need to set up my centOS computer as a firewall in my home network. Ive got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping(icmp) and DNS. How do I do this? Ive tried some editing in /etc/sysconfig/iptables but no luck.
View 1 Replies View RelatedI wanted to tell my server to block all traffic but US only traffic. So i followed this guide:[URL].. Now I know, it's the best way to help prevent hackers/crackers (doesn't matter to me what they are called. I just have to stop them). My server only deals with US clients anyways so might as well just start right there for my server's security before getting into the brute force and injection preventions. So I got it all done compiled everything moved to the proper directory. I then started to setup my iptables. Like so
Code: iptables -F INPUT
iptables -F OUTPUT
iptables -I INPUT 1 -s *.*.*.* -p tcp --dport 22 -j ACCEPT
iptables -I INPUT 2 -s *.*.*.* -p tcp -j ACCEPT
[Code]...
After seeing that i went digging in the code and figured it was something todo with memory allocation.
I have a number of computers on a LAN. There are 3 laptops and 1 desktop, all running windows. I also have a Ubuntu server in the garage which servers up files to all those on the LAN. The server is not visible outside of the LAN for security reasons. Now, I want to track all traffic from any computer in my house that is coming and going in and out from the inter-tubes. I do not want to add this as a service to my current server as (a) it is behind the LAN and (b) I don't want to mess with security issues with that server.
I think I could set up a computer (an extra) which is between the modem and the router with two ethernet cards which would be able to monitor all traffic coming and going. This computer would, obviously, be exposed to all potential attacks as it wouldn't be behind the router's firewall. I'm not sure exactly how that would like or what software to use.
Recently I notice that when I'm connected to an vpn server (pptpd) and I'm using it as a default gateway my download and upload speed decreases almost to the half of the usual speed. I made a test using iptables in order to count how much GRE packets are generated (except the real traffic itself) in that way:
Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.
When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than these in the FORWARD chain.
So, my question is first of all is my test correct and is it true that so much gre traffic is being generated during the browsing (it becames clear that the traffic is double than if the pptpd wasn't used as a gateway) and if yes - can that traffic be reduced?
I have two Linux processes communicating via a nameless pipe. How can monitor the traffic in the pipe? How can I inject data into the pipe? I have root access and know the pipe inode.
View 2 Replies View RelatedI am on a slow Internet connection and it really makes me mad if something gets downloaded in background (like automatic update of any software) without my knowledge.
How can I monitor my network traffic sorted according to the "which binary file is using how much"? I can find the total transfer rate in "System Monitor" in Gnome, but what if I want to find for individual process. There are softwares like netmonitor in Windows, but how can I achieve that in UBUNTU LINUX.
GUI application will be nice, command line software will also be fine..
Does anyone knows of any open source proxy/web traffic monitoring application so I can run reports on users web browsing for Linux? Something equivalent to websense? but free I'm not really concern about blocking any traffic only running reports.
View 2 Replies View RelatedWhat is the setup required in order for a 2 NIC machine to only forward traffic ?
I am planning to set up a machine between the LAN and Router like this:
LAN <--> machine <--> router <--> internet
This machine will only forward traffic. I will use it with ntop, squid, maybe snort
or maybe Untangle if I find it satisfactory.
Is my scenario fiable ?
I want to forward traffic, use ntop and squid on it.
Is there a graphic tool that can monitor the traffic over a USB port?
ie like system monitor for network traffic but over a specific port?
Does anyone maybe know of a client app for Windows/Linux that polls the Linux (Ubuntu) Gateway and checks (in almost real-time) what the bandwidth usage is? Something like KInternet (which is SuSE only as far as I know) where you can see a graph showing how much kbps is sent and received per second.
View 11 Replies View RelatedI need a simple traffic monitor for Linux, that counts the traffic in a specific wireless network because I have volume restrictions on that one.I tried it using the following iptables rule:
[code]...
iptables -m mac -A INPUT -p all --mac-source <mac-address> ! -s 10.0.0.0/8
where <mac-address> is the router's one. 10.0.0.0/8 is the local subnet. What I actually want is something like --routed-through <mac-address>. Also, is there some way to gather iptables's statistics? Or is there maybe another tool that does what I want (reliable)?
I would like to be able to monitor which programs are allowed to access the internet, but a search for programs to do this has turned up nothing. Preferably, I would like a notification to come up every time an application uses the internet. Is there any (n00b friendly) software available to do that?
View 2 Replies View Related