[ previous ] [ next ] [ threads ]
 
 From:  David Rodgers <david dot rodgers at kdsi dot net>
 To:  John Voigt <1geek at jvoigt dot com>
 Cc:  Jim Gifford <jim at giffords dot net>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Per IP Logging
 Date:  Thu, 11 Mar 2004 13:45:15 -0600
I don't know whether or not you are willing to spend money to accomplish
this but Astroflow

http://www.netsoft.co.za/

is a turnkey software that you can get into for around $399 USD 
that will allow you to take a machine with 2 ethernet interfaces and pop
in the cd and it will install itself on the disk (it is effectively a
linux machine) it sets up a bridge between the interfaces and will keep
amazing statistics on EVERY ip address that is sees going through it.
This includes breakdown of traffic by protocol and service with
statistics for each service in each direction for each ip address. It's
reporting kind of has the look of a webalizer output but for
protocol/services etc rather than urls.

you could put this bridge between the firewall interface and the switch
on the inside so you could get good stats without using snmp. (which is
when possible probably the base way to do it)

There are also a hundred GPL softwares out there on
freshmeat/sourceforge for bandwidth accounting.
http://freshmeat.net/search/?q=bandwidth+monitor&section=projects&Go.x=0&Go.y=0

Also some of you if you haven't seen it might want to look at cacti in
place of mrtg. It is a really friendly front end to rrdtool.
http://www.raxnet.net/ with it I have been able to offload alot of the
headache of creating and managing the graphs to people that would get no
where with a *nix box command line.

There are also a hundred 

On Thu, 2004-03-11 at 13:00, John Voigt wrote:
> 4} it's already been answered and in the archives for anyone who wants to
> search.
> 
> http://mrtg.reston-wireless.net/
> 
> (Hint:  Higher IP addresses have been used more.)
> 
> Really folks, please check the archives before asking for help.  This may
> not be exactly what you're looking for but it has been covered before.
> 
> John/
> 
> John Voigt, President
> 
> Reston Wireless, LLC
> High speed internet service
> no smoke, no mirrors, no wires (tm)
> http://www.reston-wireless.net/
> 
> ----- Original Message ----- 
> From: "Jim Gifford" <jim at giffords dot net>
> To: <m0n0wall at lists dot m0n0 dot ch>
> Sent: Thursday, March 11, 2004 1:16 PM
> Subject: Re: [m0n0wall] Per IP Logging
> 
> 
> Usually a lack of an answer on this list is for one of these reasons:
> 
> 1)  nobody has an answer to give, and rather than waste bandwidth and
>     list reader time, they just sit quiet hoping someone else has
>     an answer.
> 
> 2)  In the case of a problem, not enough details were given for those
>     that might be able to figure out an answer to do so.  Rather than
>     answer incorrectly and perhaps make the problem worse, they sit
>     quietly hoping that either more information will be forthcoming,
>     or that someone else with hazard a guess that elicit more information.
> 
> 3)  You're trying to do something nobody else on the list has tried yet.
>     As such, you are exploring new territory, and might just have
>     to figure it all out on your own.  Sometimes this results in you
>     achieving your goal.  Sometimes you have to give up.
> 
> It is very frustrating to have a problem and post to the list and not
> receive any replies.  I've been there myself.  However, I have to remind
> myself that this product does work quite well, is free (libre and gratis),
> and support is voluntary.  As such, I can't expect or demand answers to
> my questions.  I've learned a lot just from reading the emails on this
> list, and now I even contribute some (at least, I hope it is contributing
> and not just annoying people).
> 
> Hang in there.  The more you push the envelope, the more you learn
> about m0n0wall's abilities and limits, and the more you contribute to
> the pool of knowledge about m0n0wall.  Also, knowledge gained via such
> frustrations tends to be of more value, and will generally be retained
> much better than something gotten from a quick answer from someone else.
> 
> I hope this helps,
> jim
> 
> On Thu, Mar 11, 2004 at 06:59:48PM +0100, gr at redskycom dot net wrote:
> > I have the same question, but nobody unserws...
> >
> > -----Mensaje original-----
> > De: John Andrunas [mailto:andrunas at treyarch dot com]
> > Enviado el: jueves, 11 de marzo de 2004 18:47
> > Para: m0n0wall at lists dot m0n0 dot ch
> > Asunto: [m0n0wall] Per IP Logging
> >
> > Is there anyway at all to get per ip statistics on who is using what
> > kind of bandwidth and maybe what ports?
> >
> > -- 
> >
> > John Andrunas
> > IT Engineer
> > Treyarch Corp
> > 310.664.5907
> > andrunas at treyarch dot com
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>