Network traffic accounting

From: Michael T. Babcock (mikebabcock@pobox.com)
Date: Mon Apr 03 2000 - 01:41:34 EST


I am recommending the use of a Linux box to do multi-network routing and
firewalling for a mid-sized network (~25 nodes). What I am not aware of
is the availability of network traffic accounting software or kernel
hooks. I am prepared to write a package that watches all packet traffic
and logs the summary data in a database if necessary, but would love to
know if such a beast has already been done. Are there 'easier' ways to
get this data from the kernel? Are there kernel hooks I could be using
to make this work if nobody else has done it yet?

I need up-to-the-minute (not necessarily second) data on how much
bandwidth is being used by individual nodes or groups of nodes on the
network for varying amounts of time (the last 10 seconds or the last 4
weeks).

I have experimented with setting up accounting chains for source IP
addresses, but this data is easily lost when changing the firewall or
rebooting the machine. On which note, is there some way to add a
firewall chain that calls an external program to decide if it should be
allowed?

Thank you all.

Note: I'm currently focussed on 2.2.x since 2.4.x doesn't exist yet and
I won't be using it until .5 is out (at least) :-).

--
               _____/~-=##=-~\_____
       -=+0+=-< Michael T. Babcock >-=+0+=-
               ~~~~~\_-=##=-_/~~~~~
http://www.linuxsupportline.com/~pgp/ ICQ: 4835018

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
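
The post describes per-source accounting counters that are lost whenever the firewall rules change or the machine reboots. The following is an added example, not part of the original message: it persists counter deltas to a database so that totals survive a reset. It assumes a collector polls cumulative per-source byte counts about once a minute (how they are read from the firewall is not shown); all function, table and sample names are hypothetical.

```python
import sqlite3

def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.executescript("""
        CREATE TABLE IF NOT EXISTS last_seen (ip TEXT PRIMARY KEY, bytes INTEGER);
        CREATE TABLE IF NOT EXISTS usage (ts INTEGER, ip TEXT, bytes INTEGER);
        CREATE INDEX IF NOT EXISTS usage_ts ON usage (ts);
    """)
    return db

def record(db, ts, counters):
    """Store per-IP byte deltas for one poll of the cumulative counters."""
    for ip, cur in counters.items():
        row = db.execute("SELECT bytes FROM last_seen WHERE ip = ?", (ip,)).fetchone()
        if row is None:
            delta = 0                 # first sighting: record a baseline only
        elif cur >= row[0]:
            delta = cur - row[0]      # normal case: counter grew since last poll
        else:
            delta = cur               # counter went backwards: rules flushed or reboot
        if delta:
            db.execute("INSERT INTO usage VALUES (?, ?, ?)", (ts, ip, delta))
        db.execute("INSERT OR REPLACE INTO last_seen VALUES (?, ?)", (ip, cur))
    db.commit()

def usage_between(db, start, end, ips=None):
    """Bytes per IP for start < ts <= end, optionally limited to a group of IPs."""
    rows = db.execute(
        "SELECT ip, SUM(bytes) FROM usage WHERE ts > ? AND ts <= ? GROUP BY ip",
        (start, end)).fetchall()
    return {ip: total for ip, total in rows if ips is None or ip in ips}

# Constructed samples: (unix time, {source IP: cumulative bytes}).
SAMPLES = [
    (1000, {"192.168.1.10": 5000, "192.168.1.11": 200}),
    (1060, {"192.168.1.10": 9000, "192.168.1.11": 200}),
    (1120, {"192.168.1.10": 1500, "192.168.1.11": 50}),   # counters were reset
    (1180, {"192.168.1.10": 2500, "192.168.1.11": 900}),
]

def demo():
    db = open_db()
    for ts, counters in SAMPLES:
        record(db, ts, counters)
    return db

if __name__ == "__main__":
    print(usage_between(demo(), 1000, 1180))
```

A reset goes unnoticed if a counter climbs past its previous value within one polling interval, so the interval should be short relative to how often the rules are reloaded.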


