On Wed, 26 Oct 2005, Steven M. Bellovin wrote:

> Is there any package that will construct a traffic matrix?  Ntop is
> telling me that there is traffic to strange and wondrous places, but I
> don't know which hosts are talking to them, or over what ports.  (Maybe
> ntop can do this, but if so I haven't figured out how to make it
> display it.)
>
> More precisely -- I have a small (Soekris) NetBSD box with three
> bridged interfaces, one of which leads to the outside world.  I'd like
> to run some package that could monitor traffic on that third interface
> and produce a matrix showing which hosts are talking to which.
>
> Generating data in NetFlow format is probably ideal, since there are
> lots of tools to manipulate that.  I see nprobe in pkgsrc, but its
> availability terms are, well, unusual.  The package is also quite old;
> it's version 1.3.1 from 2002.  4.0 is the current version.

 	For realtime display I've find iftop or flodo of some use though
 	neither is ideal...

-- 
 		David/absolute       -- www.NetBSD.org: No hype required --