> -----Original Message----- > From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx > [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of lubasi > Sent: Tuesday, November 21, 2006 12:22 PM > To: netfilter@xxxxxxxxxxxxxxxxxxx > Subject: RE: Someone is using too much bandwidth??? > > Hello, > > Indeed its true, and i dont know what machine it is. You could setup an iptables rule to log all traffic or do what I believe may be simpler: use tcpdump Let's say you have two NIC's on your machine: // Internet // - [eth0] - [gateway] - [eth1] - // Internal Network // You can run tcpdump on your Internet Network: tcpdump -i eth1 If you've ssh'd to your gateway machine from your Internal Network, your host and ssh information will also be spewed. Probably not what you want. A simple tweak will handle it: tcpdump -i eth1 not host your.IP.address.here The above should give you some quick answers. Cheers, --- Pablo Sanchez - Blueoak Database Engineering, Inc Ph: 819.459.1926 Toll free: 888.459.1926 Cell: 819.918.9731 Pgr: pablo_p@xxxxxxxxxxxxx Fax: 603.720.7723 (US)
