LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Coun Packets sent (https://www.linuxquestions.org/questions/linux-newbie-8/coun-packets-sent-701220/)

Asteroid 01-31-2009 07:04 AM
Coun Packets sent
 
hi Guys,

I have a simple question, How can we count packets towards the following IP from my server.


Quote:
netstat -a | grep 100.400.120.140

app.3528 10.11.12.14.46277 50376 0 50400 0 ESTABLISHED
app.53184 10.11.12.14.10000 49800 0 50400 0 ESTABLISHED
I wonder if we can count packets sent and received towards the above mentioned node.



Also ifconfig -a output is as:


Quote:
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
ce0: flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu 1500 index 2
inet 10.4.2.159 netmask ffffff80 broadcast 10.4.2.255
groupname mrbtipmp
ether 0:3:ba:84:f1:31
eri0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
inet 10.4.2.129 netmask ffffff80 broadcast 10.4.2.255
groupname mrbtipmp
ether 0:3:ba:7b:10:84
eri0:1: flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu 1500 index 3
inet 10.4.2.158 netmask ffffff80 broadcast 10.4.2.255
BR//Asteroid

Udi 01-31-2009 12:14 PM
I don't have a very specific answer for you, but I think that the only way you can count packets to a specific address is with wireshark (it's a network traffic sniffer).

salasi 01-31-2009 07:45 PM
If you are happy playing around with iptables rulesets, you could count with it (although there are a number of situations in which this idea might not be a particularly good one; eg, you have no experience with iptables, you don't have an existing firewall, except set up via a gui tool that doesn't do this, its a production server that you daren't mess around with, etc, etc).

anomie 02-01-2009 11:44 AM
Quote:
Originally Posted by Asteroid
I have a simple question, How can we count packets towards the following IP from my server.
# tcpdump host 100.400.120.140

Upon termination (Ctrl+C), tcpdump will show the number of packets captured. If you need these tracked over a long period of time, you should probably point the output to a dump file. See the tcpdump(8) manpages.

---

P.S. 100.400 is not even a real network...


All times are GMT -5. The time now is 09:56 AM.