nanog mailing list archives
Re: Linux router traffic monitoring, how? netflow?
From: srn.nanog () prgmr com
Date: Fri, 14 Nov 2014 10:38:55 -0800
fprobe is a linux-based netflow probe that uses libpcap (as does tcpdump) and is already in the ubuntu universe repository. There is an ipv4-only iptables based version too called fprobe-ulog. For collectors, it looks like the ones already available in ubuntu are nfcapd from nfdump and flow-capture from flow-tools. For analysis/alerts, cacti with the thold and flowview plugins might do the job. On 11/13/2014 09:09 AM, Eliezer Croitoru wrote:
Hey all, I have a tiny linux router based on ubuntu and sometimes I get a massive load of UDP traffic because of one of the PCs in the network. Usually I handle the situation with a strict block using iptables. The main issue is to find it due to the load. For now I am monitoring the traffic load using MRTG but it won't notify me. I can try to use nagios to monitor traffic load for a period of time but before I start working on it I want another person opinion and options. I have seen netflow in the past but never actually used it. Thanks in advance, Eliezer
Current thread:
- Linux router traffic monitoring, how? netflow? Eliezer Croitoru (Nov 13)
- RE: Linux router traffic monitoring, how? netflow? Murat Kaipov (Nov 13)
- Re: Linux router traffic monitoring, how? netflow? Wayne Lee (Nov 13)
- Re: Linux router traffic monitoring, how? netflow? Eliezer Croitoru (Nov 16)
- RE: Linux router traffic monitoring, how? netflow? Joe Loiacono (Nov 14)
- Re: Linux router traffic monitoring, how? netflow? Wayne Lee (Nov 13)
- Re: Linux router traffic monitoring, how? netflow? Leonardo Arena (Nov 14)
- Re: Linux router traffic monitoring, how? netflow? Peter Phaal (Nov 14)
- Re: Linux router traffic monitoring, how? netflow? srn . nanog (Nov 14)
- Re: Linux router traffic monitoring, how? netflow? Adrian Minta (Nov 14)
- RE: Linux router traffic monitoring, how? netflow? Murat Kaipov (Nov 13)