[Sysadmins] FreeBSD / Traffic Monitoring

Harry Duncan usr.src.linux at gmail.com
Fri Mar 30 12:30:17 IST 2012


Hi Guys,

Thanks for the suggestions so far, besides looking at darkstat and
mrtg, the following have come up:

ntop - you know, i had a curses image of this in my mind, is more
advanced than I was giving it credit for, definitely worth a look.

ng_netflow - this also hits the nail on the head, and then using cacti
for graphing. Would need to play around with it to see what nfsen
brings to the table that cacti doesn't provide for.

iptraf, looks to be linux only, which isn't bad either, just not for
this particular deployment.

Squid - was how I traditionally thought of this problem, but I'm
pretty sure it won't catch skype chats, then again, I could be wrong.
Will definitely test it. There are some good squid log reporting
projects out there. Now that I see ng_netflow, i think that might blow
this solution out of the water though.

RTG - not surprisingly similar to mrtg, guess both have similar
origins or shared resources.

LanGuardian - and then comes along the solution that has everything
but at a cost that is slightly more than the voluntary org's annual IT
budget, which is why I was going the FOSS route in the first place and
using it as a tech test bed, gives me a live test environment where
for their peanuts they'll tolerate a bit of experimentation. I'll
probably take you up on the 30 day trial though, I just need to work
out a test strategy to take in all the above, and then report back
cross comparisons. 30 days should be fine, not sure there's anything
that 31 days will show that can't be shown in 30 days.

What about Providers / ISP's? and Traffic data retention. Doesn't
require the degree of analysis that this solution requires, but what
is the solution you guys are using for that task?

Harry.



More information about the Sysadmins mailing list