Solved

A Broadcast Packet Counter

Posted on 2006-06-14
5
636 Views
Last Modified: 2008-02-26
Hi there,

I'm looking to count the number of broadcast packets received by a Linux box (Fedora Core 1 in this case) - my script would ideally report in real-time how many packets are being received per second or per minute for example. Please could someone recommend the best way to go about this - where to get this information in the simplest form, or what files to analyse to get it.

Many thanks and regards,

Biggs
0
Comment
Question by:BigglesZX
  • 2
  • 2
5 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16909692
use iptables and make a logging rule for the packets your're interested in, then simply use iptables -v
0
 
LVL 4

Assisted Solution

by:bobgunzel
bobgunzel earned 50 total points
ID: 16909842
You can use ngrep to monitor the broadcasts and pipe it to a file in the background:
ngrep -t -d {interface} host {broadcast-address} > {logfile} &

and use cat, grep and date to filter the file, f.i. per minute:
cat {logfile} | grep "`date +%Y/%m/%d" "%k`:$[`date +%M`-1]"

You can put the above line in a script that executes it every minute as long as ngrep is running:
while [ "`ps -A | grep ngrep`" ]
do
sleep $[59-`date +%-S`]
cat {logfile} | grep "`date +%Y/%m/%d" "%k`:$[`date +%M`-1]"
done
0
 

Author Comment

by:BigglesZX
ID: 16910027
I'm looking to use iptables for this, after considering some of the options - I think I will use the internal counters of iptables and read/reset them every minute or so.

So, with this in mind - can you tell me what arguments I need to give to iptables if I want a rule to count all ip and ethernet broadcast traffic, and possibly ip and ethernet multicast as well.

bobgunzel: That looks like a good solution - I will see where I can get with iptables and if I can't work it out, will come back to that. You'll get some points :-).

Thank you both very much.
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 75 total points
ID: 16914694
# something like:
iptables -I INPUT -i eth0 -d your-broadcast-ip -j LOG --log-prefix broadcast:

iptables -Z
will delete the counters
0
 

Author Comment

by:BigglesZX
ID: 16914717
Got it. With this and some help from LinuxQuestions.org I sorted it out - now for rrdtool. Thanks all, will split points.
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever been frustrated by having to click seven times in order to retrieve a small bit of information from the web, always the same seven clicks, scrolling down and down until you reach your target? When you know the benefits of the command l…
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question