[TriLUG] Linux tool to monitor IP traffic

Steve Hoffman srhoffman at gmail.com
Wed May 17 11:20:16 EDT 2006


Thanks to all who chimed in on the ASA issue...I've got the two ranges
working now, but still can't get the other ISP to work on the same ASA..not
a huge deal right now..I may just purchase another one and truly use it as
failover?

Regardless...Since I'm no longer using NAT on a linux machine for the
corporate network my normal tools for monitoring network usage aren't
working so well...

I've cloned a port on the switch that connects to the ASA and tcpdump shows
that I'm in fact capturing all packets..but I can't really tell who is my
bandwith hog...just see alot of traffic going back and forth and our T1 is
pegged....

I used to use iptraf on the network gateway to see what IP was doing the
most back and forth and could lookup the IP to nail the culprit....but that
no worky now.  I've used ethereal and tcpdump, but only to see what a
particular connection was doing..not to find out who to monitor for
excessive use.   What is a good tool for tracking down a user taking up more
then their fair share..it should be linux based and I'd prefer something on
the command line, but If it's windows based or a linux GUI i'll drag a
monitor back there or carry a laptop to the network closet.

Thanks,
Steve



More information about the TriLUG mailing list