On Sat, 2005-08-20 at 08:10, Claude Jones wrote: > On Saturday 20 August 2005 8:58 am, Thomas Springer wrote: > > > > iptraf (8) - Interactive Colorful IP LAN Monitor > > iptstate (8) - A top-like display of IP Tables state table entries > > > > > Thanks, Thomas. Sometimes it helps to ask the right question. I never knew > about either of these utilities. They are exactly what I was looking for. You might also like ethereal, which gives you a realtime view and packet capture. You can run it in a remote X window if you ssh -X firewall_machine, then specify 'not your_IP' in the capture filter to exclude the traffic you are generating yourself on the viewing connection (the filter syntax is the same as tcpdump's). Also very handy is ntop (http://www.ntop.org). You can leave it running then view the traffic summarized over time in various ways through a nice web interface. It is good to find which hosts are generating which kinds of traffic, and then you can use ethereal if you want to see something specific in real time. -- Les Mikesell lesmikesell@xxxxxxxxx
