Linux - Networking
This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
I am searching for a good network monitoring tool. Not an IDS like Snort. I look for something like netshark (AKA ethereal) but this tool has also to offer me an overview like etherape.
I would like to use that tool on a VPN gateway to monitor the traffic.
First to see who is causing the traffic (which etherape could do) and second to see what is communicated (which netshark or tcpdump could do).
But well I would like to run this tool in console or like ntop as a service.
I also thought of using ntop but it does (AFAIK) not support a view at the packages?!
Does somebody have an idea what tool could help me?
BTW the gateway is used to connect to companies via LWL 1GB WAN network.
Well, your demands are fairly confused, and netshark appears to be a Canadian web design company... try wireshark.
If you want to basically record all network traffic then you can fairly simply set up a box to use tcpdump to manage a ring buffer to log blocks of data to disk, and then interrogate the traffic with wireshark. Not sure what wireshark isn't doing for you in the equation, but it depends if you want a real-time view or an on-demand view of specifics.
Nothing that encompassing within the open source market. There are packages like SuperAgent which quite possibly would cover your needs, but they are commercial packages with significant list prices associated with them.
iptraf can monitor packets in an attended or unattended mode. It measures on a per-IP or per-port basis. So you could use it to see what IPs cause the most traffic and what the services are that most use them.
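
Added example, not part of any post in this thread: a small parser that gives the "who is causing the traffic" overview directly from one file of the tcpdump ring buffer suggested above, so the same capture can still be opened in wireshark for detail. It assumes classic pcap files with Ethernet framing; the addresses and the sample capture are constructed for illustration.

```python
import struct
from collections import Counter

def bytes_per_source(pcap_bytes):
    """Sum on-the-wire bytes per source IPv4 address in one classic pcap file."""
    magic = pcap_bytes[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a classic microsecond pcap file")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    totals, off = Counter(), 24
    while off + 16 <= len(pcap_bytes):
        _sec, _usec, incl_len, orig_len = struct.unpack(
            endian + "IIII", pcap_bytes[off:off + 16])
        frame = pcap_bytes[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < incl_len:
            break  # last record cut short: tcpdump is still writing this file
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # not plain IPv4 (ARP, IPv6, VLAN-tagged): skipped here
        totals[".".join(map(str, frame[26:30]))] += orig_len
    return totals

def _record(src_ip, payload_len):
    """Build one constructed pcap record: Ethernet + IPv4 header + zero payload."""
    eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, 17, 0,
                     bytes(map(int, src_ip.split("."))), bytes([10, 8, 0, 1]))
    frame = eth + ip + b"\x00" * payload_len
    return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

def sample_capture():
    """Constructed sample: two VPN clients (made-up addresses), no real traffic."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return (header + _record("10.8.0.5", 1000) + _record("10.8.0.9", 100)
            + _record("10.8.0.5", 1000))

if __name__ == "__main__":
    # On a real box, read each ring file instead, e.g. files written by
    # tcpdump -i <iface> -w <file> -C <MB per file> -W <file count>.
    for src, nbytes in bytes_per_source(sample_capture()).most_common():
        print(f"{src:15} {nbytes} bytes")
```

Run over each ring file in turn and add the counters together to get totals for the whole buffer.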