geffers
Posts: 339
Joined: Sun Jun 24, 2012 6:25 am
Location: UK
Contact: Website

Network Monitoring

Sat Jun 23, 2018 11:15 am

Folks,

One of my numerous Pi devices is on 24/7 and is used merely as a server, have https, dlna, samba, xsane etc all running on Stretch Lite

It has a fixed IP so is a separate device but am wondering; is there any way it can monitor network traffic from other devices on my network?

I've had a wee bit of experience with ntopng but think that shows traffic passing through that specific device.

Geffers

User avatar
allfox
Posts: 425
Joined: Sat Jun 22, 2013 1:36 pm
Location: Guang Dong, China

Re: Network Monitoring

Sat Jun 23, 2018 12:35 pm

I think iptables could log traffic, like this:

# iptables -nv --list
....
0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 0
0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
44 1856 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 13
0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 14
0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 40
....

This is my log based on ICMP type. I also used MAC address, port number before.

If you could describe what kind of log are you looking for, I might could give the exact iptables rule to log it.

mfa298
Posts: 1202
Joined: Tue Apr 22, 2014 11:18 am

Re: Network Monitoring

Sat Jun 23, 2018 3:11 pm

geffers wrote:
Sat Jun 23, 2018 11:15 am
It has a fixed IP so is a separate device but am wondering; is there any way it can monitor network traffic from other devices on my network?

I've had a wee bit of experience with ntopng but think that shows traffic passing through that specific device.
That depends on what sort of thing you want to monitor.

For any detailed inspection the pi would need to see the traffic which would normally mean the traffic passing through the Pi. This might limit the throughput on your internet link. There are various tools to inspect traffic depending on what it is you want to look at.

On some switches/routers there's an option to get basic data (packets/bytes/errors on each interface) via a protocol called SNMP. This just uses an agent that could run on your Pi which runs on a regular basis to gather the data. This doesn't need all the traffic going via the Pi (so means it's not a bottleneck) but does require any the network equipment to support SNMP (some home routers do, other don't).

geffers
Posts: 339
Joined: Sun Jun 24, 2012 6:25 am
Location: UK
Contact: Website

Re: Network Monitoring

Mon Jun 25, 2018 7:00 am

Thanks for suggestions folks.

All I am curious about is the automatic uploads and synchronisation that occur from mobile phones and keypads.

I did three videos recently on my netpad, Google was synching them to photos and/or drive and as I don't have fibre it took around 3 hours.

I do transfer videos to a friend via my Pi and am able to monitor progress and rate but just curious what the mobile devices are up to.

Geffers

User avatar
bob_binz
Posts: 441
Joined: Thu Feb 02, 2012 7:58 pm
Location: Stockport, UK

Re: Network Monitoring

Mon Jun 25, 2018 7:37 am

If you're running X rather than CLI, you could try wireshark which seems to be in the Raspbian repo. I've only ever used it on Windows though and only for short term sessions. Not sure if it will give you the info you're wanting

--
BBz

Return to “General discussion”

Who is online

Users browsing this forum: abojiuc and 38 guests