Is there any package that will construct a traffic matrix?  Ntop is 
telling me that there is traffic to strange and wondrous places, but I 
don't know which hosts are talking to them, or over what ports.  (Maybe 
ntop can do this, but if so I haven't figured out how to make it 
display it.)

More precisely -- I have a small (Soekris) NetBSD box with three 
bridged interfaces, one of which leads to the outside world.  I'd like 
to run some package that could monitor traffic on that third interface 
and produce a matrix showing which hosts are talking to which.

Generating data in NetFlow format is probably ideal, since there are 
lots of tools to manipulate that.  I see nprobe in pkgsrc, but its 
availability terms are, well, unusual.  The package is also quite old; 
it's version 1.3.1 from 2002.  4.0 is the current version.

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb