I was asked if it were possible to see what services on a server were
contributing to data transfer usage. The colo provider provides
aggregate usage but we have no way of knowing what's using what. The
box is a web and mail server, and it's likely that the majority of the
transfer is http, but it'd be nice to know more accurately.
A little googling found various things, none of which seem to be
exactly what I want. It occurs to me that in fact this is a somewhat
hard question, because what I'm mainly interested in doing is counting
outgoing traffic from the server, which will be from and to random
ports. To count say HTTP traffic, I presume you'll have to use
something stateful, where you note the IP addresses and source ports of
incoming packets to port 80, and then count packets going back to those
addresses and ports (expiring saved incoming address/port pairs
periodically) and this sounds like it is fairly heavy for a busy
server.
Am I making more out of this than it really is?
Niall
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
