Does anyone know of a way to track TCP/IP traffic by TCP/UDP port and/or by process/daemon with CentOS? I know a variety of ways to track it in total (e.g., ifInOctets & ifOutOctets with SNMP), but I'm not sure how to be approach seeing traffic by application, port, or process. One option would be to write something that would sift through different stuff for each daemon (for example, with apache, you could add up all the bytes sent by summing up the values in 'access_log'), but I was hoping for a more centralized method that would work the same for all daemons and/or ports. One approach I have though about is using iptables... "iptables -L -n -v" gives detail on packets and byte counts by ACL entry. Does anyone have any experience with any tools that grab this info and graph/report on it? My searches have yielded tons of hits, but none of it seems relevant. Are there any tools that measure this? Thanks, KC