> Can anyone suggest a tool that can collect statistics on traffic volumes
> by the country of the remote host. That on its own would go a long way
> for me, but if it coulod also break down on incoming vs outgoing traffic
> and by local port number that would be ideal.
NetFlow is the "ideal" solution for you.
The best solution for FreeBSD would be ng_netflow kernel module
since all the other implementations (softflowd, fprobe, ntop etc)
use pcap which is a quite CPU-consuming way.
You can:
1) force collector to aggregate traffic by source AS
and find out autonomous system to country relation somehow;
2) aggregate traffic by source IP and make the IP address to country resolution
with GeoIP.
>
> I figure someone must have built something like this already, probably
> using something along the lines of the GeoIP service to do IP -> country
> code lookups.
>
> Any suggestions?
>
> Andrew McNaughton
_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"
|
