Check traffic of each ip address in Lan

written by Admin


Posted on 2013-01-20


Problem

I want to know the traffic generated by each single IP address in Lan in upload and in download. I have root access on a linux firewall that routes the traffic.

Solution

Use this script to start collecting informations:
#!/bin/sh

I="/sbin/iptables"

$I -N wrap1
$I -F wrap1
$I -I FORWARD 1 -j wrap1
C=1
while [ $C -lt 254 ];
do
   $I -A wrap1 -i eth3 -o eth1 -s 192.168.1.$C
   let C=C+1
done

$I -N wrap2
$I -F wrap2
$I -I FORWARD 2 -j wrap2
C=1
while [ $C -lt 254 ];
do
   $I -A wrap2 -i eth1 -o eth3 -d 192.168.1.$C
   let C=C+1
done

Don´t forget to setup the script changing the Lan address if it´s not 192.168.1.x

User this script to watch traffic flow in realtime:
#!/bin/sh

echo '***** INBOUD TRAFFIC *****'
/sbin/iptables -L MON2 -n -v | grep -v ' 0 0 all'

echo

echo '***** OUTBOUD TRAFFIC *****'
/sbin/iptables -L MON1 -n -v | grep -v ' 0 0 all'

Check that the correct tabs (tabulation characters) are present in the "grep -v" section of the previous script, or copy and paste that text from you iptables dump... I mean the " 0 0 all" part.

Feedback


Leave a Comment:


Search

Categories

android x 1
apache x 1
apple x 4
backup x 2
cygwin x 1
dns x 1
dos x 1
drupal x 3
ftp x 1
iis x 1
imap x 1
linux x 22
mail x 4
mysql x 3
oracle x 1
pop3 x 1
print x 2
proxy x 1
rsync x 1
shell x 8
smtp x 1
squid x 1
ssh x 1
storage x 2
web x 3
windows x 15

Welcome

We need collaboration and a real boost from our community: write us an email for every trick you find!

This website is a sysadmin swiss-knife for every-day Windows, Linux and Mac administration and troubleshooting

Our database grows if YOU send us your tips and trick as soon as you find them every day!