Ubuntu :: Internet Traffic Flow Monitor - Track Traffic Of Each Device
Apr 27, 2010
We have something on our network that is reaking havoc with our content filter. I am trying to track it down, but so far I have been unsuccessful. We have approximately 500 devices in 100+ different locations spread across 9 states. Looking at each computer is not really feasible.
I need a machine that can sit in between our network and our internet connection and graphically monitor in real time and logs how much traffic each device is sending and receiving. It would need to sit inline so it has to have two nics and be able to pass traffic. The machine also needs to be transparent. Reconfiguration of our routers or workstations is not an option.
I have used ethereal and wireshark before. Ethereal may be a viable option, but wireshark seems to provide lots of information, but no practical way to make use of it. how to set up the box to be a transparent device on the network that will allow internet bound traffic to flow (freely)?
View 3 Replies
ADVERTISEMENT
Sep 27, 2009
Recently I notice that when I'm connected to an vpn server (pptpd) and I'm using it as a default gateway my download and upload speed decreases almost to the half of the usual speed. I made a test using iptables in order to count how much GRE packets are generated (except the real traffic itself) in that way:
Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.
When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than these in the FORWARD chain.
So, my question is first of all is my test correct and is it true that so much gre traffic is being generated during the browsing (it becames clear that the traffic is double than if the pptpd wasn't used as a gateway) and if yes - can that traffic be reduced?
View 3 Replies
View Related
Mar 9, 2009
Is there a nice easy to use tool that displays (in KB/s) the internet traffic from every IP on a network?
Currently I'm using iptraf, but it's very hard to understand at times.
A little info on my network:
I'm using SNAT for internet sharing.
View 4 Replies
View Related
Aug 23, 2009
I have a 2 machine LAN with both machines having an ethernet card and a wireless card. There is a Netgear router, both eth and WiFi, allowing both machines to access the internet.
On my Linux machine I am looking for some software that allows me to keep track of my broadband usage on that machine, excluding traffic between the two machines.
There are numerous such programmes for this in XP, which use Winpcap and a GUI frontend. The "other" machine on my LAN is XP and uses just such a program.
View 4 Replies
View Related
Mar 8, 2011
Ubuntu system monitor applet doesn't show internet traffic although my wireless is working just fine. I use a conky to monitor bandwidth through vnstat and had no problem till I upgraded to maverick.
**ifconfig
wlan0 Link encap:Ethernet HWaddr 00:24:d2:c4:3e:da
inet adr:192.168.0.100 Bcast:192.168.0.255 Masque:255.255.255.0
adr inet6: fe80::224:d2ff:fec4:3eda/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
[Code]...
View 1 Replies
View Related
Nov 8, 2010
I would like to be able to monitor which programs are allowed to access the internet, but a search for programs to do this has turned up nothing. Preferably, I would like a notification to come up every time an application uses the internet. Is there any (n00b friendly) software available to do that?
View 2 Replies
View Related
Sep 29, 2010
I need to set up my centOS computer as a firewall in my home network. Ive got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping(icmp) and DNS. How do I do this? Ive tried some editing in /etc/sysconfig/iptables but no luck.
View 1 Replies
View Related
Mar 15, 2011
I wanted to tell my server to block all traffic but US only traffic. So i followed this guide:[URL].. Now I know, it's the best way to help prevent hackers/crackers (doesn't matter to me what they are called. I just have to stop them). My server only deals with US clients anyways so might as well just start right there for my server's security before getting into the brute force and injection preventions. So I got it all done compiled everything moved to the proper directory. I then started to setup my iptables. Like so
Code: iptables -F INPUT
iptables -F OUTPUT
iptables -I INPUT 1 -s *.*.*.* -p tcp --dport 22 -j ACCEPT
iptables -I INPUT 2 -s *.*.*.* -p tcp -j ACCEPT
[Code]...
After seeing that i went digging in the code and figured it was something todo with memory allocation.
View 1 Replies
View Related
May 24, 2010
I have a number of computers on a LAN. There are 3 laptops and 1 desktop, all running windows. I also have a Ubuntu server in the garage which servers up files to all those on the LAN. The server is not visible outside of the LAN for security reasons. Now, I want to track all traffic from any computer in my house that is coming and going in and out from the inter-tubes. I do not want to add this as a service to my current server as (a) it is behind the LAN and (b) I don't want to mess with security issues with that server.
I think I could set up a computer (an extra) which is between the modem and the router with two ethernet cards which would be able to monitor all traffic coming and going. This computer would, obviously, be exposed to all potential attacks as it wouldn't be behind the router's firewall. I'm not sure exactly how that would like or what software to use.
View 2 Replies
View Related
Jan 20, 2010
Does anyone knows of any open source proxy/web traffic monitoring application so I can run reports on users web browsing for Linux? Something equivalent to websense? but free I'm not really concern about blocking any traffic only running reports.
View 2 Replies
View Related
Feb 3, 2010
What is the setup required in order for a 2 NIC machine to only forward traffic ?
I am planning to set up a machine between the LAN and Router like this:
LAN <--> machine <--> router <--> internet
This machine will only forward traffic. I will use it with ntop, squid, maybe snort
or maybe Untangle if I find it satisfactory.
Is my scenario fiable ?
I want to forward traffic, use ntop and squid on it.
View 2 Replies
View Related
Jan 20, 2011
Is there an easy way to monitor network traffic? I want to make sure my kids are surfing safe...
View 5 Replies
View Related
Jan 8, 2010
is it possible to see the router traffic using a remote system? can those packet headers b modified for marking purpose?
View 5 Replies
View Related
Dec 18, 2010
How will I monitor the traffic of tun0 ?
View 5 Replies
View Related
Sep 27, 2010
what I want to achieve is just to be able to say to who ever is killing our relatively fast connect that they aren't the only person using the network. Everyone just says "I hardly download anything." which is obviously untruthful as normally I can download at 1.5 MB/s but now loading even google.com takes way too long (same with pinging and all other sites). Once I do this, I can determine whether or not I need to call my ISP and do the long 'on hold' dance and "have you tried rebooting the router" BS.
View 8 Replies
View Related
Dec 14, 2010
I have two Linux processes communicating via a nameless pipe. How can monitor the traffic in the pipe? How can I inject data into the pipe? I have root access and know the pipe inode.
View 2 Replies
View Related
Jan 22, 2010
I am on a slow Internet connection and it really makes me mad if something gets downloaded in background (like automatic update of any software) without my knowledge.
How can I monitor my network traffic sorted according to the "which binary file is using how much"? I can find the total transfer rate in "System Monitor" in Gnome, but what if I want to find for individual process. There are softwares like netmonitor in Windows, but how can I achieve that in UBUNTU LINUX.
GUI application will be nice, command line software will also be fine..
View 2 Replies
View Related
Apr 19, 2011
Is there a graphic tool that can monitor the traffic over a USB port?
ie like system monitor for network traffic but over a specific port?
View 1 Replies
View Related
Dec 26, 2008
Does anyone maybe know of a client app for Windows/Linux that polls the Linux (Ubuntu) Gateway and checks (in almost real-time) what the bandwidth usage is? Something like KInternet (which is SuSE only as far as I know) where you can see a graph showing how much kbps is sent and received per second.
View 11 Replies
View Related
Oct 29, 2009
is there a utility with which I can get the current traffice towards a given host, for example;
command 87.255.33.32
22000
View 1 Replies
View Related
Sep 14, 2010
I am connected to a network with free traffic inside it and post-paid outer traffic. So I need a way to be able to separately monitor the download traffic from inside and outside the network. All the solutions I`ve found for now offer monitoring of ALL up/down traffic.
So, I want to get separate statistics on these:
1 — 81.89.188.0/23, 217.197.9.0/24
2. — 81.89.186.0/23
3. — 81.89.178.0/23
4. — 81.89.176.0/23
5. — 81.89.180.0/24
9. — 217.197.12.0/24
[Code]...
UPD: I`m connected to the internet through the network`s gate, so all the traffic comes through eth0. I wish to separate traffic incoming from the IPs on top from all other traffic
View 9 Replies
View Related
Jul 28, 2011
I need a simple traffic monitor for Linux, that counts the traffic in a specific wireless network because I have volume restrictions on that one.I tried it using the following iptables rule:
[code]...
iptables -m mac -A INPUT -p all --mac-source <mac-address> ! -s 10.0.0.0/8
where <mac-address> is the router's one. 10.0.0.0/8 is the local subnet. What I actually want is something like --routed-through <mac-address>. Also, is there some way to gather iptables's statistics? Or is there maybe another tool that does what I want (reliable)?
View 3 Replies
View Related
Oct 6, 2010
I am sharing my DSL internet connection using a modem+wireless router (single device) to 5 systems. I want all my internet traffic to go through one of the linux boxes in my network.
The problem here is that wireless devices connect directly to the modem+wireless router.
Is such routing of traffic possible??
PS: I am not sure if i could convey my situation clearly...
View 2 Replies
View Related
Jul 27, 2010
I have a desktop, a laptop, & a wireless router. The router, unfortunately, doesn't support dd-wrt, tomato, etc firmware, but I would still like to prioritize voip/web browsing over bulk Internet traffic. I hope I can offload the router's missing QoS to my desktop.
Is it possible to have the laptop's connection go from the wall to the router to the desktop, where the desktop could perform the QoS of tomato, then continue on to the laptop? I'm a bit of a noob to networking (subnets?) but do well enough following good instructions.
As for the program that would do the QoS... Don't some Linux machines basically work as super-powered routers for businesses? So there must be some package but couldn't find one. The closest I got was wondershaper but it only shapes traffic for the computer on which it's installed; it might form part of the solution but falls short on its own. other devices should be able to access the Internet normally if the desktop is turned off, & work with other devices like a (jailbroken) iPod Touch.
View 1 Replies
View Related
Feb 5, 2011
this is the conky code I found, that displays on conky the way I like, problem is everything shows as 0bytes, and stays that way.
Code:
# UBUNTU-CONKY
# A comprehensive conky script, configured for use on
# Ubuntu / Debian Gnome
#
[Code].....
View 9 Replies
View Related
Feb 8, 2011
I have the standard wired LAN NIC and a wireless NIC installed. What my problem is, the wireless NIC will not take any internet traffic. The LAN connection gets it's internet from my LAPTOP with a Clear 4G module. I have a very strong wireless connection, but when I remove the LAPTOP from the network, I get nothing on my Ubuntu computer here, even though I have a solid connection. What is needed in the config to let the wireless run in the "back up" internet connection mode?
View 9 Replies
View Related
Jul 19, 2011
My PC is part of a LAN so while configuring eth0, we specify the Gateway to access all other resources in the network. The PC successfully access Internet through a proxy server configured in Mozilla(manual proxy config) but the update option or the Synaptic Pkg mngr are not able to access internet anyway. I have tried the option "Apply System Wide" in "Network Proxy" but no progress so far.
I also tried to forward all request coming for udp/tcp on port 80 to the proxyserver on a specific port, but with no success. Also I can't ping any website from terminal, reiterating the fact that I can access internet in firefox through the proxy on a specific port.
View 2 Replies
View Related
Mar 4, 2010
My ISP has given me 3 IP addresses to use for the internet (76.148.200.3, 76.148.200.4 and 76.148.200.5).
If I do a "wget whatismyip.com" or netcat into another server, I am appearing as 76.148.200.3.How do I change my route (command line) in linux to route internet traffic through 76.148.200.5?
Code:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
code....
View 9 Replies
View Related
Mar 28, 2010
I have eth0 and tun0. tun0 is a VPN tunnel going over eth0. Everything on the other end is setup and working fine, when I type Code: traceroute 4.2.2.1 I see my the ping is going over 192.168.2.99 (eth0). When I then type Code: route add -net 4.2.2.1 netmask 255.255.255.255 dev tun0 traceroute 4.2.2.1 I see ping is going over 10.8.0.1 (tun0) instead of eth0, so that is working
What does not work however is when I do Code: route add -net 0.0.0.0 netmask 0.0.0.0 dev tun0 traceroute 4.2.2.1 I get no ping! I believe the problem is because all traffic is routing over tun0, which means even the VPN tun0 needs to go through eth0, it can no longer do this. Is there a way around this where I can route everything except for 114.77.31.26 (which is my VPN gateway for tun0)?
View 18 Replies
View Related
Mar 30, 2010
I'd like to allocate a certain quota to my local user for their internet navigation.
View 8 Replies
View Related
