Re: network traffic analyzer

On Thu, 2009-01-22 at 21:00 -0600, Michael Cronenworth wrote:
> I'm looking for a web based (graphs) solution for (real-time) network 
> traffic on a Linux (Fedora) router. I currently use iptraf to catch 
> bandwidth usage and type of usage, but I'd love a more accessible interface.

For a single box, ntop is what you're looking for. Be forewarned though
- traceing ALL packages (which ntop will do) takes a lot of disk-space.
Your /var will grow considerable. But the stats are very very nice!

> ntop is a hunk of trash. It's extremely slow and also presents data like 
> RRTG/PRTG. All over the place.

Well, you wanted detailed graphs? I would exactly call the output pretty
but it's there, sorted all kinds of ways.

> -All interfaces graphed. darkstat is limited to one interface AFAIK.
> -Breakdown of traffic type. common ports like HTTP, SSH, etc would be 
> good enough.
> -Breakdown of host traffic. I'd like to see per IP traffic in real time.
> -Real time filtering. darkstat requires a restart to filter IPs or 
> anything else.

Web <> realtime unless you run applets of some kind. But it'll get close
enough. Otherwise, why not look for a real network management solution
like nagious? They'll give you interface traffic on all your equipment.
Usually I track traffic accross the network; not just on a single host.

Peter Larsen <plarsen famlarsen homelinux com>

