Prev: Combination of Leaky-Bucket and Token Bucket
Next: Ethereal on cygwin - 'which Packet.dll' and 'which wpcap.dll' ??
From: Riccardo Manfrin on 22 Dec 2009 05:24
Hi NG,
I need to track each TCP link traffic load (rate). I already have the
information regarding all opened TCP links, but I don't know what the
best way could be to retrieve traffic information to associate to those.

To do the job what I need is basically
a) to bind a packet to the correct flow, hence knowing the tuple:
[src_ip, src_port, dst_ip, dst_port, transport]
b) to know the packet size (optionally the timestamp would help too,
but I can generate that independently).

This having been said, what the best way to accomplish the task could
be? I was planning on using a tcpdump based sniffer but it looks pretty
much inefficient to export all packets to userspace, while data is
probably there to be grasped in some /proc subfolders or kernel structures.
I just need you to address me with the problem towards a
non-100%-load-CPU solution.

Thanks in advance and Merry Xmas,
R
 | 
Pages: 1
Prev: Combination of Leaky-Bucket and Token Bucket
Next: Ethereal on cygwin - 'which Packet.dll' and 'which wpcap.dll' ??