Solved

A Broadcast Packet Counter

Posted on 2006-06-14
5
626 Views
Last Modified: 2008-02-26
Hi there,

I'm looking to count the number of broadcast packets received by a Linux box (Fedora Core 1 in this case) - my script would ideally report in real-time how many packets are being received per second or per minute for example. Please could someone recommend the best way to go about this - where to get this information in the simplest form, or what files to analyse to get it.

Many thanks and regards,

Biggs
0
Comment
Question by:BigglesZX
  • 2
  • 2
5 Comments
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
use iptables and make a logging rule for the packets your're interested in, then simply use iptables -v
0
 
LVL 4

Assisted Solution

by:bobgunzel
bobgunzel earned 50 total points
Comment Utility
You can use ngrep to monitor the broadcasts and pipe it to a file in the background:
ngrep -t -d {interface} host {broadcast-address} > {logfile} &

and use cat, grep and date to filter the file, f.i. per minute:
cat {logfile} | grep "`date +%Y/%m/%d" "%k`:$[`date +%M`-1]"

You can put the above line in a script that executes it every minute as long as ngrep is running:
while [ "`ps -A | grep ngrep`" ]
do
sleep $[59-`date +%-S`]
cat {logfile} | grep "`date +%Y/%m/%d" "%k`:$[`date +%M`-1]"
done
0
 

Author Comment

by:BigglesZX
Comment Utility
I'm looking to use iptables for this, after considering some of the options - I think I will use the internal counters of iptables and read/reset them every minute or so.

So, with this in mind - can you tell me what arguments I need to give to iptables if I want a rule to count all ip and ethernet broadcast traffic, and possibly ip and ethernet multicast as well.

bobgunzel: That looks like a good solution - I will see where I can get with iptables and if I can't work it out, will come back to that. You'll get some points :-).

Thank you both very much.
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 75 total points
Comment Utility
# something like:
iptables -I INPUT -i eth0 -d your-broadcast-ip -j LOG --log-prefix broadcast:

iptables -Z
will delete the counters
0
 

Author Comment

by:BigglesZX
Comment Utility
Got it. With this and some help from LinuxQuestions.org I sorted it out - now for rrdtool. Thanks all, will split points.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now