Simple daemon to log bandwidth usage per port/host?

Simple daemon to log bandwidth usage per port/host?

Post by Jonathan A » Sun, 19 Oct 2003 04:21:44



Hi,

I've been searching for the past couple of days, and getting pretty
frustrated in my efforts. Could anyone point me to a simple daemon
that is capable of logging bandwidth usage on a "per port/host" basis.

For instance, I would like a running log of the total amount of
traffic on port 119 from my ISP's news server to my machine. I've
seen some apps that look capable of doing such a thing, but they
mostly seem to be horribly complex things that require PHP, SQL,
iptables-accounting, etc. It all seems to be complete overkill for
my purposes. The simpler daemon type apps seem to be only capable
of generating per-interface stats.

I just want a simple daemon that will generate a textual log of
traffic totals and can differentiate hosts/ports. Maybe something
using libpcap or similar.

Any ideas?

TIA,
Jonathan

--
Don't just hit reply. Email address is broken. Thank
your friendly neighborhood spammer. Email replies to:
user: jnthn1                domain: earthlink<dot>net

 
 
 

Simple daemon to log bandwidth usage per port/host?

Post by Klaat » Sun, 19 Oct 2003 04:41:10



> Hi,

> I've been searching for the past couple of days, and getting pretty
> frustrated in my efforts. Could anyone point me to a simple daemon
> that is capable of logging bandwidth usage on a "per port/host" basis.

> For instance, I would like a running log of the total amount of
> traffic on port 119 from my ISP's news server to my machine. I've
> seen some apps that look capable of doing such a thing, but they
> mostly seem to be horribly complex things that require PHP, SQL,
> iptables-accounting, etc. It all seems to be complete overkill for
> my purposes. The simpler daemon type apps seem to be only capable
> of generating per-interface stats.

> I just want a simple daemon that will generate a textual log of
> traffic totals and can differentiate hosts/ports. Maybe something
> using libpcap or similar.

> Any ideas?

> TIA,
> Jonathan

IPTraf?
http://iptraf.seul.org/

 
 
 

Simple daemon to log bandwidth usage per port/host?

Post by Jonathan A » Sun, 19 Oct 2003 05:37:14


On Fri, 17 Oct 2003 19:41:10 GMT, Klaatu


>> I just want a simple daemon that will generate a textual log of
>> traffic totals and can differentiate hosts/ports. Maybe something
>> using libpcap or similar.

> IPTraf?

Well, it's possible to run iptraf in background with a filter set to
monitor just the host/port I'm interested in. Only problem is, I use
iptraf in interactive mode a lot, and I don't see any way to change
the filters in interactive mode that wouldn't also apply next time I
start in "daemon" mode.

IOW, I would have to be careful to remember to re-apply the filter
every time I removed it in interactive mode, if I want to keep
background mode from logging everything next time it starts. It's
a thought, but something more "fire and forget" would be much more
manageable over the long term.

ciao,
Jonathan

--
Don't just hit reply. Email address is broken. Thank
your friendly neighborhood spammer. Email replies to:
user: jnthn1                domain: earthlink<dot>net

 
 
 

1. Monitoring bandwidth usage - writing a simple monitor

With a lot of help from my friends I wrote a bash script that displays
the number of kilobytes being uploaded & downloaded every second via my
eth0 internet connection.

The ouput looks like:

$ monitor

10.8 k/s 2.3 k/s
22.3 k/s 1.3 k/s
12.1 k/s 3.1 k/s
...

The logic of the script goes something like this:

init:

invoke netstat to retrieve initial packet counts

do forever:

invoke netstat to retrieve next packet counts
compute kilobyte delta = packet delta * MTU / 1024
display results

This works fine and displays plausible results, but they seem to differ
somewhat (+20-30%) from an earlier version that collected byte counts
from the kernel's /proc/net/dev pseudo-file.

I understand that the above approach is not entirely correct since I
wait one second (how accurate is that on a multi-processing OS?) but
also, some correction factor would need to be applied to account for
the elapsed time that is necessary for the code itself to execute ..
the fact this is a bash script at this point probably doesn't help.

I also realize that there are probably CLI tools that already do
something similar.  I definitely would be curious if any one recommended
something that might display this information and  I would take a look
as to how their authors went about doing this.

Naturally, I don't need anything highly accurate .. this is both an
exercise to try and understand these aspects better .. and something
that will display two counters at the bottom of my screen so I have some
idea of what is going on with the system.

Thanks!

2. Shareware NFS??

3. Per process, per user network bandwidth limiter

4. KDE 3 much slower than expected

5. Logging bandwidth usage

6. How do I clear /var/log/messages?

7. Monitor Apache CPU / memory usage per virtual host?

8. Mail List Registration

9. Logging Bandwidth Usage over a Network?

10. Graphing Bandwidth Usage by Application/Port

11. Apache's mod_userdir to LOG the requests by virtual hosts to keep track of bandwidth?

12. Please give a simple sample about LOG usage in iptables!

13. Ho to log access_log to split file and based on split per-virtual-host !