
Re: opposite direction traffic



Come on, guys! I didn't think it was that much of a lame question that I wouldn't even get a response. At least refer me to some relevant documentation if the information is available somewhere.

Thanks,

Wilson Fletcher


> I've installed iptraf on a server. I am using it in the background and I
> would like to clarify what is recorded in the ip_traffic log files.
> 
> In particular, is the number of bytes listed against "opposite direction"
> traffic actually recorded elsewhere in the log file?
> 
> i.e. Initially I wasn't calculating usage from the opposite direction. Then
> I felt that it was required to accurately capture ALL traffic. HOWEVER in
> the case below the 147931549 is clearly captured twice. Is this always the
> case? Are there times when the opposite direction traffic won't be recorded
> elsewhere as in the example below?
> 
> From the two lines below, can you tell me which "Bytes" portions represent
> new and unique traffic?
> 
> Tue Jun 3 15:18:17 2003; TCP; eth0; 40 bytes; from 213.199.146.24:80 to
> 192.168.1.12:2867; FIN sent; 98639 packets, 147931549 bytes, avg flow rate
> 0.00 kbytes/s
> 
> Tue Jun 3 15:30:00 2003; TCP; eth0; 46 bytes; from 192.168.1.12:2867 to
> 213.199.146.24:80; Connection reset; 55420 packets, 2562424 bytes, avg flow
> rate 0.00 kbytes/s; opposite direction 98639 packets, 147931549 bytes; avg
> flow rate 0.00 kbytes/s
> 
> Thanks,
> 
> Wilson Fletcher
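
An added example, not part of the original thread or of iptraf itself: a small Python tally over the two quoted log entries that keys each byte total by directed flow, so an "opposite direction" figure that was already logged for the reverse flow is flagged instead of being summed twice. It assumes the per-flow counters in these entries are cumulative (so the largest value seen is kept); the function names are hypothetical.

```python
import re

# Constructed from the two log entries quoted in the message (wrapped lines joined).
SAMPLE_LOG = """\
Tue Jun 3 15:18:17 2003; TCP; eth0; 40 bytes; from 213.199.146.24:80 to 192.168.1.12:2867; FIN sent; 98639 packets, 147931549 bytes, avg flow rate 0.00 kbytes/s
Tue Jun 3 15:30:00 2003; TCP; eth0; 46 bytes; from 192.168.1.12:2867 to 213.199.146.24:80; Connection reset; 55420 packets, 2562424 bytes, avg flow rate 0.00 kbytes/s; opposite direction 98639 packets, 147931549 bytes; avg flow rate 0.00 kbytes/s
"""

ENDPOINTS = re.compile(r"from (\S+) to (\S+);")
COUNTS = re.compile(r"(\d+) packets, (\d+) bytes")


def parse_line(line):
    """Return (src, dst, own_bytes, opposite_bytes_or_None), or None if unparsable."""
    ep = ENDPOINTS.search(line)
    # Split so the flow's own totals and the reverse-flow totals are read separately.
    head, marker, tail = line.partition("opposite direction")
    own = COUNTS.search(head)
    if not ep or not own:
        return None
    opp = COUNTS.search(tail) if marker else None
    return ep.group(1), ep.group(2), int(own.group(2)), int(opp.group(2)) if opp else None


def tally(log_text):
    """Return (totals, duplicates): bytes per directed flow, and repeated reports."""
    totals, duplicates = {}, []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        src, dst, own, opp = rec
        reports = [((src, dst), own)]
        if opp is not None:
            # "opposite direction" describes the reverse flow, dst -> src.
            reports.append(((dst, src), opp))
        for key, nbytes in reports:
            if totals.get(key) == nbytes:
                duplicates.append((key, nbytes))  # same figure already logged
            # Assumption: counters are cumulative, so keep the largest seen.
            totals[key] = max(totals.get(key, 0), nbytes)
    return totals, duplicates


if __name__ == "__main__":
    totals, duplicates = tally(SAMPLE_LOG)
    print("unique bytes:", sum(totals.values()), "duplicates:", duplicates)
```

For the two quoted entries this counts 147931549 bytes once for the server-to-client direction and 2562424 bytes for the client-to-server direction, and reports the second appearance of 147931549 as a duplicate.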