Does anyone know of a way to track TCP/IP traffic by TCP/UDP port
and/or by process/daemon with CentOS? I know a variety of ways to
track it in total (e.g., ifInOctets & ifOutOctets with SNMP), but I'm
not sure how to be approach seeing traffic by application, port, or
process.
One option would be to write something that would sift through
different stuff for each daemon (for example, with apache, you could
add up all the bytes sent by summing up the values in 'access_log'),
but I was hoping for a more centralized method that would work the
same for all daemons and/or ports.
One approach I have though about is using iptables... "iptables -L -n
-v" gives detail on packets and byte counts by ACL entry. Does anyone
have any experience with any tools that grab this info and
graph/report on it?
My searches have yielded tons of hits, but none of it seems relevant.
Are there any tools that measure this?
Thanks,
KC
