[CentOS] monitor invidiual client (PC) network traffic to server?
Trevor Benson
tbenson at a-1networks.com
Tue Jan 6 16:56:04 UTC 2009
On Jan 6, 2009, at 6:31 AM, mcclnx mcc wrote:
> We have DELL servers with CENTOS 3 and 4 installed. Application is
> client/server type.
>
> Does there has way monitor invidual client (PC) network traffic to
> server?
I would suggest either
A) Run tcpdump from the server with a filter to only examine the
packets from or to the client. The server is already receiving these
packets, so now its just logging them. Take a bit of disk I/O, but
usually not a big deal unless this is a database server or file server
and it slows down file access. Still usually moot unless DB or I/O
intensive server.
B) Connect a laptop or workstation to a mirror port on your network
switch, or whatever your vendor wants to call their 'bridged',
'administrative' port that receives traffic for all ports. If you
have a hub ignore the port 'type' and just plugin. Now run tcpdump
again filtering everything but packets from that IP or MAC.
Afterwords you can take the file it creates and open it with wireshark
to help you dig through it and figure out what was being sent back and
forth.
Trevor Benson
A1 Networks
More information about the CentOS
mailing list