linux console program to monitoring network traffic including TCP/UDP session packet and bytes?

This is a discussion on linux console program to monitoring network traffic including TCP/UDP session packet and bytes? within the Linux Security forums, part of the System Security and Security Related category; Hello, I'm using linux firewall (kernel 2.4.25 ) I'd like to see and packet , bytes via session ...


Go Back   Usenet Forums > System Security and Security Related > Linux Security

Reload this Page linux console program to monitoring network traffic including TCP/UDP session packet and bytes?

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 06-09-2004
rambo88
 
Posts: n/a
Default linux console program to monitoring network traffic including TCP/UDP session packet and bytes?
Hello,
I'm using linux firewall (kernel 2.4.25 )
I'd like to see and packet , bytes via session monitoring on linux firewall.

when I issue #cat /proc/net/ip_conntract command on linux firewall console
, I can't see them.

I'm looinking for linux console program for TCP/UDP session monitoring
including packets and bytes.

or Is there a linux console program ( not UI and not Windows version ) to
see session informaion include
bytes, packets ?

===========================
#cat /proc/net/ip_conntract ==> can't see bytes and packets ...

tcp 6 431999 ESTABLISHED src=192.168.7.80 dst=192.168.7.1 sport=1194
dport=22 src=192.168.7.1 dst=192.168.7.80 sport=22 dport=1194 [ASSURED]
use=1
tcp 6 431980 ESTABLISHED src=192.168.7.90 dst=207.46.107.60 sport=3788
dport=1863 src=207.46.107.60 dst=218.55.14.100 sport=1863 dport=3788
[ASSURED] use=1
..
..
..

Thanks a lot.
have a day.



Reply With Quote
  #2 (permalink)  
Old 06-09-2004
Dr. Robert Meier
 
Posts: n/a
Default Re: linux console program to monitoring network traffic including TCP/UDP session packet and bytes?
In article <ca6cvg$vs$1@news.hananet.net>, rambo88 wrote:
> Hello,
> I'm using linux firewall (kernel 2.4.25 )
> I'd like to see and packet , bytes via session monitoring on linux firewall.
> ...
> I'm looinking for linux console program for TCP/UDP session monitoring
> including packets and bytes.
>
> or Is there a linux console program ( not UI and not Windows version ) to
> see session informaion include
> bytes, packets ?

There are many solutions. The usual limit is your time spent picking
out the "significant" packets from the usually overwhelming volume
of packets going by.

If you need a CLI (scriptable) tool consider tcpdump(8).

If you need practical filtering, consider ApplicationVantage
(our proprietary product) form Compuware (http://www.compuware.com/)

If your load is small enough that you can tolerate its limited capture
filtering, consider ethereal(8).

Hopefully helpful,
--
Dr. Robert J. Meier
Server Vantage Agent Infrastructure
Reply With Quote
  #3 (permalink)  
Old 06-09-2004
cb
 
Posts: n/a
Default Re: linux console program to monitoring network traffic includingTCP/UDP session packet and bytes?
rambo88 wrote:
> Hello,
> I'm using linux firewall (kernel 2.4.25 )
> I'd like to see and packet , bytes via session monitoring on linux firewall.
>
> when I issue #cat /proc/net/ip_conntract command on linux firewall console
> , I can't see them.
>
> I'm looinking for linux console program for TCP/UDP session monitoring
> including packets and bytes.
>
> or Is there a linux console program ( not UI and not Windows version ) to
> see session informaion include
> bytes, packets ?
>
> ===========================
> #cat /proc/net/ip_conntract ==> can't see bytes and packets ...
>
> tcp 6 431999 ESTABLISHED src=192.168.7.80 dst=192.168.7.1 sport=1194
> dport=22 src=192.168.7.1 dst=192.168.7.80 sport=22 dport=1194 [ASSURED]
> use=1
> tcp 6 431980 ESTABLISHED src=192.168.7.90 dst=207.46.107.60 sport=3788
> dport=1863 src=207.46.107.60 dst=218.55.14.100 sport=1863 dport=3788
> [ASSURED] use=1
> .
> .
> .
>
> Thanks a lot.
> have a day.
>
>
>
Not sure if this is the information you are looking for, but iptables
-L -v -n gives you the packet and byte numbers for each chain.

Reply With Quote
  #4 (permalink)  
Old 07-20-2004
Bernhard Kastner
 
Posts: n/a
Default Re: linux console program to monitoring network traffic includingTCP/UDP session packet and bytes?
rambo88 wrote:

> Hello,
> I'm using linux firewall (kernel 2.4.25 )
> I'd like to see and packet , bytes via session monitoring on linux firewall.
>
> when I issue #cat /proc/net/ip_conntract command on linux firewall console
> , I can't see them.
>
> I'm looinking for linux console program for TCP/UDP session monitoring
> including packets and bytes.
>
> or Is there a linux console program ( not UI and not Windows version ) to
> see session informaion include
> bytes, packets ?
>
> ===========================
> #cat /proc/net/ip_conntract ==> can't see bytes and packets ...
>
> tcp 6 431999 ESTABLISHED src=192.168.7.80 dst=192.168.7.1 sport=1194
> dport=22 src=192.168.7.1 dst=192.168.7.80 sport=22 dport=1194 [ASSURED]
> use=1
> tcp 6 431980 ESTABLISHED src=192.168.7.90 dst=207.46.107.60 sport=3788
> dport=1863 src=207.46.107.60 dst=218.55.14.100 sport=1863 dport=3788
> [ASSURED] use=1
> .
> .
> .
>
> Thanks a lot.
> have a day.
>
>
>
TCPDUMP

--
---
http://www.alf.at.tc
Austrian Linux Forum
Reply With Quote
  #5 (permalink)  
Old 07-22-2004
tutaepaki
 
Posts: n/a
Default Re: linux console program to monitoring network traffic including TCP/UDP session packet and bytes?
Bernhard Kastner <bkastner@aon.at> wrote in
news:2m4k05FirjpjU1@uni-berlin.de:

> rambo88 wrote:
>
>> Hello,
>> I'm using linux firewall (kernel 2.4.25 )
>> I'd like to see and packet , bytes via session monitoring on linux
>> firewall.
>>
>> when I issue #cat /proc/net/ip_conntract command on linux firewall
>> console , I can't see them.
>>
>> I'm looinking for linux console program for TCP/UDP session
>> monitoring including packets and bytes.
>>
>> or Is there a linux console program ( not UI and not Windows version
>> ) to see session informaion include
>> bytes, packets ?
>>
>> ===========================
>> #cat /proc/net/ip_conntract ==> can't see bytes and packets ...
>>
>> tcp 6 431999 ESTABLISHED src=192.168.7.80 dst=192.168.7.1
>> sport=1194 dport=22 src=192.168.7.1 dst=192.168.7.80 sport=22
>> dport=1194 [ASSURED] use=1
>> tcp 6 431980 ESTABLISHED src=192.168.7.90 dst=207.46.107.60
>> sport=3788 dport=1863 src=207.46.107.60 dst=218.55.14.100 sport=1863
>> dport=3788 [ASSURED] use=1
>> .
>> .
>> .
>>
>> Thanks a lot.
>> have a day.
>>
>>
>>
> TCPDUMP
>

or, if you only want the # bytes/packets for a session rather than the
actual packet details, iptraf.
Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 03:03 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0