Hi,
Thanks for all that answered this open question, with very good answers. I
had no time to test them all.
Rubens Mau
info@dialdata.com.br
****************************************************************************
******
From: David Schiffrin <daves@adnc.com>
From: Aaron Lineberger <aaron@cs.odu.edu>
There's a collection of tools for this you can find at:
http://ipn.nlanr.net/Caida/collab.html
http://www.nlanr.net/~jkay/meastools.html
****************************************************************************
******
From: matt@aztek-eng.com
If you are running solaris, run snoop - see the man pages on snoop,there are
quite a few options.
Matt Reynolds
****************************************************************************
******
From: Oddbjørn Steffensen <oste@sn.no>
http://oddbjorn.bdc.no/sysmgmt/resources/software.shtml
to be useful. In your case, I'd try bpft; it gives handy numbers on traffic
to/from hosts, the protocols in use, and the bytes transferred on each port.
****************************************************************************
******
This is a simple solution, using cisco capabilities, and not Sun's
From: Jochen Bern <bern@penthesilea.uni-trier.de>
Quick and dirty: In the Access List for incoming Packets, for all
"permit" Rules - e.g.,
access-list 100 permit icmp any your.class.C.net 0.0.0.255
- into two Rules depending on the Network they're from:
access-list 100 permit icmp 200.128.0.0 0.128.255.255 your.class.C.net 0.0.0.255
access-list 100 permit icmp any your.class.C.net 0.0.0.255
Then, whenever you do a "show access-list 100", each Rule will be
annotated with the Number of Packets the Rule matched so far ...
****************************************************************************
******
thanks also to:
Stephen Harris <sweh@mpn.com>
Daniel Kluge <danielk@tibco.com>
Edmundo Farinas <efarinas@sa.omnes.net>
******************
Original Question
******************
I have a single connection to the Intenet thru a Cisco 4700 router. I am
interested in analyzing the the profile of this connection. Mainly, the
distribution betwween national and overseas traffic ( the national traffic
is from 200.128.0.0 till 200.254.0.0, mainly )
I succeed in analyzing the outbound packets from the cisco to the Internet
using the traffic shape, and access-lists features. I get a profile of the
neworks receiving packets from my site .
But , I have no solution to analyze the incoming packets. Have anyone a good
and easy solution ?
Thanks in advance
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:39 CDT