Graphing Bandwidth Usage by Application/Port

Post by Jeff Workma » Tue, 25 Apr 2000 04:00:00

Recently I've been asked to graph the bandwidth usage on our firewall.
I have set up SNMP and MRTG to monitor overall bandwidth used, but my boss
wants usage broken down to the application level as well. I needsome way to
chart this, and be able to report it by both percentage of total bandwidth
used, and by kilobytes/second.

The firewall is a Solaris 2.6 machine, running Checkpoint FW-1 4.0.

I've been searching for the past couple of days, and getting pretty
frustrated in my efforts. Could anyone point me to a simple daemon
that is capable of logging bandwidth usage on a "per port/host" basis.

For instance, I would like a running log of the total amount of
traffic on port 119 from my ISP's news server to my machine. I've
seen some apps that look capable of doing such a thing, but they
mostly seem to be horribly complex things that require PHP, SQL,
iptables-accounting, etc. It all seems to be complete overkill for
my purposes. The simpler daemon type apps seem to be only capable
of generating per-interface stats.

I just want a simple daemon that will generate a textual log of
traffic totals and can differentiate hosts/ports. Maybe something
using libpcap or similar.

Any ideas?


