Re: low overhead packet capturing on linux

From: Thomas Fjellstrom
Date: Wed Dec 01 2010 - 05:18:46 EST

Next message: Miklos Szeredi: "Re: kernel BUG at mm/truncate.c:475!"
Previous message: Michael Leun: "Re: 2.6.35 -> 2.6.36 panic when vlan and promisc with tg3"
In reply to: Alexander Clouter: "Re: low overhead packet capturing on linux"
Next in thread: Pekka Pietikainen: "Re: low overhead packet capturing on linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On December 1, 2010, you wrote:
> Thomas Fjellstrom <thomas@xxxxxxxxxxxxx> wrote:
> > I'm working on a little tool to monitor and measure bandwidth use on a vm
> > host, down to keeping track of all guest and host bandwidth, including,
> > eventually per layer7 protocol use.
>
> ...iptables? You get packet and byte counters there for free and you
> can have a 'web, smtp, $service[0], $service[1], ... , other' easily
> enough.

Not with full layer7 support these days. None of the old things like pp2p or
l7filter will even apply to anything remotely resembling a recent kernel.

Also I'm not sure it'll dynamically keep track of hosts. My solution will
track all hosts it sees. Where as iptables would be somewhat manual.

> Five to eight years ago we (an ISP) used this at a previous workplace of
> mine to do xDSL traffic accounting for our users.
>
> Cheers

--
Thomas Fjellstrom
thomas@xxxxxxxxxxxxx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Miklos Szeredi: "Re: kernel BUG at mm/truncate.c:475!"
Previous message: Michael Leun: "Re: 2.6.35 -> 2.6.36 panic when vlan and promisc with tg3"
In reply to: Alexander Clouter: "Re: low overhead packet capturing on linux"
Next in thread: Pekka Pietikainen: "Re: low overhead packet capturing on linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]