I got it running on my Redhat 9 machine and it is monitoring the traffic on my subnet but the data seem to be wrong.
I have about 60 computers running on my subnet but it's only shows about 5 computer using HTTP and the rest of the traffic is coming from UDP. Which is wrong. I jump on one of the computer on my subnet and try to surf the net for about an hour to see if it picks up any traffic on that ip and it doesn't. Therefore, it seem like my setup is wrong or i'm missing something. Please help....
libpcap ver 14:0.7.2-1
libpng-devel ver 2:1.2.2-16
libgd
--------------------------------------
When I compile the make file there was no error.
--------------------------------------
Everything seem to be install and working fine but wrong data.
/usr/local/bandwidthd/
the time stamp of the file gets update every 2.5 minutes.
-----------------------------------------------
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2003-12-24
I think this might be the problem:
----------------------------------------------
Just make sure that the host
and the actual router are on the same hub (Not switch) and everything will be
ok.
----------------------------------------------
Currently, I have the host and the router on a different switch but routing all traffic out to the internet thru a Cisco 6500 router? Is there a work around for this or it has to be on the same hub?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
No, it must be the same hub. That's just one of the rules of traffic sniffing.
Some high end cisco switches can mirror traffic out different ports on the switch, but I don't know anything about that.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2004-03-25
If you have a cisco 2900 and up, you can configure port monitor to mirror all traffic to a given port on the switch. If you supply no interface to monitor, then the switch will mirror traffic on other ports to your designated monitor port.
Give that a go, and do let us know if that helps in any way.
Regards,
strobe84
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I have a fing device. It can do a bandwidth test and tell me the bytes sent/received thru the router for all wired and wireless devices on my consumer router. This fing device is plugged into cheap router which his then plugged into my Nighthawlk router. I'm using bandwidthd as an ubuntu install on a Windows 10 machine on the same network. I am using a bridged virtual adapter. I see no reason bandwidthd cannot get the same data as the fing device, yet it sees only a very small portion of the traffic.. and only upload from client machine from what I can see. Any clues?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I got it running on my Redhat 9 machine and it is monitoring the traffic on my subnet but the data seem to be wrong.
I have about 60 computers running on my subnet but it's only shows about 5 computer using HTTP and the rest of the traffic is coming from UDP. Which is wrong. I jump on one of the computer on my subnet and try to surf the net for about an hour to see if it picks up any traffic on that ip and it doesn't. Therefore, it seem like my setup is wrong or i'm missing something. Please help....
-----------------------------------
Bandwidthd.conf
subnet 192.168.1.0 255.255.255.0
dev "eth0"
skip_intervals 0
promiscuous true
output_cdf true
graph true
-------------------------------------
libpcap ver 14:0.7.2-1
libpng-devel ver 2:1.2.2-16
libgd
--------------------------------------
When I compile the make file there was no error.
--------------------------------------
Everything seem to be install and working fine but wrong data.
/usr/local/bandwidthd/
the time stamp of the file gets update every 2.5 minutes.
-----------------------------------------------
I think this might be the problem:
----------------------------------------------
Just make sure that the host
and the actual router are on the same hub (Not switch) and everything will be
ok.
----------------------------------------------
Currently, I have the host and the router on a different switch but routing all traffic out to the internet thru a Cisco 6500 router? Is there a work around for this or it has to be on the same hub?
No, it must be the same hub. That's just one of the rules of traffic sniffing.
Some high end cisco switches can mirror traffic out different ports on the switch, but I don't know anything about that.
If you have a cisco 2900 and up, you can configure port monitor to mirror all traffic to a given port on the switch. If you supply no interface to monitor, then the switch will mirror traffic on other ports to your designated monitor port.
Give that a go, and do let us know if that helps in any way.
Regards,
strobe84
I have a fing device. It can do a bandwidth test and tell me the bytes sent/received thru the router for all wired and wireless devices on my consumer router. This fing device is plugged into cheap router which his then plugged into my Nighthawlk router. I'm using bandwidthd as an ubuntu install on a Windows 10 machine on the same network. I am using a bridged virtual adapter. I see no reason bandwidthd cannot get the same data as the fing device, yet it sees only a very small portion of the traffic.. and only upload from client machine from what I can see. Any clues?