Re: [tcpdump-workers] bandwidth by user or process id

2010-10-06 Thread Phil Vandry
On Wed, Oct 06, 2010 at 01:30:14AM -0700, Patrick Kurz wrote: > I was also slightly concerned about short-lived connections. But if the > measured > bandwidth is accurate by 10%, it is sufficient for my use case. > What kind of applications do in general create such short-lived connections > and

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-06 Thread Rob Hasselbaum
On Wed, Oct 6, 2010 at 8:47 AM, Rob Hasselbaum wrote: > On Tue, Oct 5, 2010 at 1:53 PM, Phil Vandry wrote: > >> On Mon, 4 Oct 2010 09:51:39 -0400 Rob Hasselbaum >> wrote: >> > Yes, it is possible (on Linux, anyway), but not extremely easy. You can >> > correlate packet data to the kernel's netw

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-06 Thread Rob Hasselbaum
On Tue, Oct 5, 2010 at 1:53 PM, Phil Vandry wrote: > On Mon, 4 Oct 2010 09:51:39 -0400 Rob Hasselbaum > wrote: > > Yes, it is possible (on Linux, anyway), but not extremely easy. You can > > correlate packet data to the kernel's network connection table and > network > > connections to inode val

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-06 Thread Gert Doering
hi,
On Wed, Oct 06, 2010 at 01:29:58AM -0700, Patrick Kurz wrote:
> Let's say 10 users transfer large amounts of data through ssh at the same time.
> I assume in this situation 10 different processes would share the same socket,
They won't. This (normally) only happens for server process

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-06 Thread Maciej Grela
2010/10/6 Patrick Kurz : > > > - Original Message >> From: Phil Vandry >> To: Rob Hasselbaum >> Cc: tcpdump-workers@lists.tcpdump.org >> Sent: Tue, October 5, 2010 7:53:16 PM >> Subject: Re: [tcpdump-workers] bandwidth by user or process id >

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-06 Thread Patrick Kurz
- Original Message > From: Gerald Combs > To: tcpdump-workers@lists.tcpdump.org > Cc: Rob Hasselbaum > Sent: Tue, October 5, 2010 8:14:57 PM > Subject: Re: [tcpdump-workers] bandwidth by user or process id > > You can also catch events using SystemTap&

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-06 Thread Patrick Kurz
- Original Message > From: Phil Vandry > To: Rob Hasselbaum > Cc: tcpdump-workers@lists.tcpdump.org > Sent: Tue, October 5, 2010 7:53:16 PM > Subject: Re: [tcpdump-workers] bandwidth by user or process id > > On Mon, 4 Oct 2010 09:51:39 -0400 Rob Hasselbaum w

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-06 Thread Patrick Kurz
- Original Message > From: Rob Hasselbaum > To: tcpdump-workers@lists.tcpdump.org > Sent: Tue, October 5, 2010 4:07:14 PM > Subject: Re: [tcpdump-workers] bandwidth by user or process id > > Right, generally, the local or remote port will be different for different

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-05 Thread Gerald Combs
Phil Vandry wrote: > On Mon, 4 Oct 2010 09:51:39 -0400 Rob Hasselbaum wrote: >> Yes, it is possible (on Linux, anyway), but not extremely easy. You can >> correlate packet data to the kernel's network connection table and network >> connections to inode values by reading "/proc/net/tcp*" and > >

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-05 Thread Phil Vandry
On Mon, 4 Oct 2010 09:51:39 -0400 Rob Hasselbaum wrote:
> Yes, it is possible (on Linux, anyway), but not extremely easy. You can
> correlate packet data to the kernel's network connection table and network
> connections to inode values by reading "/proc/net/tcp*" and
Isn't that unreliable? The c

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-05 Thread Rob Hasselbaum
On Tue, Oct 5, 2010 at 5:46 AM, Gert Doering wrote: > Hi, > > On Tue, Oct 05, 2010 at 02:14:19AM -0700, Patrick Kurz wrote: > > >For typical point-to-point IP traffic, the combination of local address, > > >local port, remote address, remote port, and transport protocol (TCP or > UDP) > > >is the

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-05 Thread Gert Doering
Hi, On Tue, Oct 05, 2010 at 02:14:19AM -0700, Patrick Kurz wrote: > >For typical point-to-point IP traffic, the combination of local address, > >local port, remote address, remote port, and transport protocol (TCP or UDP) > >is the closest thing you have to a unique key. > > Are you saying, that

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-05 Thread Patrick Kurz
From: Rob Hasselbaum To: tcpdump-workers@lists.tcpdump.org Sent: Mon, October 4, 2010 10:35:02 PM Subject: Re: [tcpdump-workers] bandwidth by user or process id >For typical point-to-point IP traffic, the combination of local address, >local port,

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-04 Thread Rob Hasselbaum
On Mon, Oct 4, 2010 at 4:35 PM, Rob Hasselbaum wrote: > On Mon, Oct 4, 2010 at 10:53 AM, Patrick Kurz wrote: > >> One more question: which part of a line from /proc/net/tcp like the >> following >> has a unique counterpart in the packet captured with pcap? >> >sl local_address rem_address st t

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-04 Thread Rob Hasselbaum
On Mon, Oct 4, 2010 at 10:53 AM, Patrick Kurz wrote: > One more question: which part of a line from /proc/net/tcp like the > following > has a unique counterpart in the packet captured with pcap? > >sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt > uid > >timeout inode

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-04 Thread Patrick Kurz
nd the equivalent in the captured packets? local_address and rem_address are not unique, or did I miss something? Thanks Patrick From: Rob Hasselbaum To: tcpdump-workers@lists.tcpdump.org Sent: Mon, October 4, 2010 3:51:39 PM Subject: Re: [tcpdump-workers] ba

[tcpdump-workers] bandwidth by user or process id

2010-10-04 Thread Patrick Kurz
Dear all,
I am looking for a solution to monitor bandwidth usage
a) broken up by source and destination ip address
b) broken up by either user or process (pid) which is causing the bandwidth
I have found out how to solve a) with the pcap library. Is it also possible to solve b) using pcap or othe

Re: [tcpdump-workers] bandwidth by user or process id

2010-10-04 Thread Rob Hasselbaum
On Mon, Oct 4, 2010 at 8:49 AM, Patrick Kurz wrote: > Dear all, > I am looking for a solution to monitor bandwidth usage > a) broken up by source and destination ip address > b) broken up by either user or process (pid) which is causing the bandwidth > > Yes, it is possible (on Linux, anyway), bu