You might want to take a look at the Host sFlow SourceForge project: http://host-sflow.sourceforge.net/

The hsflowd agent used the sFlow protocol to export interface counters, host performance statistics and packet flows (collected using iptables ULOG).

Peter

On Thu, Nov 13, 2014 at 9:09 AM, Eliezer Croitoru <eliezer@ngtech.co.il> wrote:
Hey all,
I have a tiny Linux router based on Ubuntu and sometimes I get a massive load of UDP traffic because of one of the PCs in the network. Usually I handle the situation with a strict block using iptables. The main issue is to find it due to the load. For now I am monitoring the traffic load using MRTG but it won't notify me. I can try to use Nagios to monitor traffic load for a period of time but before I start working on it I want another person's opinion and options.
I have seen netflow in the past but never actually used it.
Thanks in advance,
Eliezer