Re: Open Source Port Tracking

["R. DuFresne" <dufresne () sysinfo com>]

You can do some of this with your rulebase, but setting up accounting
rules.   To get the stats one then does an iptables -l ...

Thanks,

Ron DuFresne



On Tue, 4 Feb 2003, Small, Jim wrote:

> Right now on my network, everything goes in and out through my IPFilter
> firewall running on FreeBSD.  I would like to implement a good Open Source
> package that keeps track of the total amount of packets and bytes including
> on a per port basis.
>
> So a report might be something (text or gui) like this:
> 12,048,219 packets for a total of 5975916624 bytes
> Port  Packets Bytes
> 9     12              2496
> 20    800190  ...
> 21    129900  ...
> 22    (etc...)
>
> The idea being, I would like to see which ports are being used and how much
> traffic is going over/through them.  I've been trying ntop, but it doesn't
> track all ports.  I know IPFilter has a count option, but it would be
> tedious to set up 65,535x2 rules for all TCP/UDP ports.  Could someone
> recommend something else?
>
> Thanks,
>    <> Jim
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards