Hi
If what you want to achieve is 'traffic monitoring', ie how many packets went past, then you cant go past MRTG (MultiRouter Traffic Grapher), which can keep up to date graphs of all sorts of traffic updated and available at intervals as short or long as you like.
If you want the details .. which packets came from whicjh IP address etc, the easiest is just IPTables, it has counters for everything you specify, and you can spool the count data out to MRTG as well.
SNORT is a security management package, and is for detecting intrusion attempts. Use SATAN to test/harden your system, and SNORT to watch what happens. I set it up originally, but gave it away as 'too much'.
What are you trying to do?
Grif
|