andrew_89
asked on
How to sniff packets from router
What is the best way to look at real time traffic on you r router?? Can this be done with Linux/Unix? IS there some kind of command line tool to do this.
Thanks
Thanks
If you need other programs for similar uses this should help
http://www.google.com/search?hl=en&lr=&q=real+time+network+monitoring&btnG=Search
http://www.google.com/search?hl=en&lr=&q=real+time+network+monitoring&btnG=Search
What is the router connected to? If it is a switch, then you need to have a managed switch that you can mirror the port that the router is connected to, that is you tell the switch to send a copy of all data that is going to or coming from port "A" to port "B" Then you connect a computer to port "B" that has packet caputer software (like Ethereal).
That I am aware of I don't know of away to route traffic based on the application (ftp, http, telnet). Routing is based on destination IP address. Do you want to route all FTP traffic, or say ftp traffic from a specic host? You should just change that hosts default route. Or, you could setup a ftp proxy server and have its default route be your "secondary" router.
However, in order for this to work, not only would you need a secondary router, you would need a secondary connection to the Internet. Wouldn't it be less expensive to just increase the bandwidth on the primary connection?
That I am aware of I don't know of away to route traffic based on the application (ftp, http, telnet). Routing is based on destination IP address. Do you want to route all FTP traffic, or say ftp traffic from a specic host? You should just change that hosts default route. Or, you could setup a ftp proxy server and have its default route be your "secondary" router.
However, in order for this to work, not only would you need a secondary router, you would need a secondary connection to the Internet. Wouldn't it be less expensive to just increase the bandwidth on the primary connection?
You can monitor the amount of traffic going through a switch using Getif or a similar program that uses SNMP. This program can tell you (for example) the number of packets sent or received on a particular interface.
In order to see inside each packet, you will need a packet analyser such as ethereal, which can examine the headers and data inside each packet.
In order to route traffic, you will need a router with which you can create a port forwarding rule. So any traffic received for port 22 (ftp) would be directed to a specific IP address on your internal network - like your ftp server.
In order to see inside each packet, you will need a packet analyser such as ethereal, which can examine the headers and data inside each packet.
In order to route traffic, you will need a router with which you can create a port forwarding rule. So any traffic received for port 22 (ftp) would be directed to a specific IP address on your internal network - like your ftp server.
Try this easy to use program
"Ether Detect Packet Sniffer"
http://www.etherdetect.com
Maybe not the best, But truly the best : )
Is so easy that i don't have to tell you nothing else here.
Try it and let me know.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you dont have a managed switch you could replace the cable from your router to your internal network with 2 cables and a 4 port hub in between. This way you can plug in an ethereal laptop in any time to check on traffic loads. Only really works if you have a one in one out setup.
ASKER