From netramet-owner  Tue Dec  3 04:26:53 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.3/8.7.3-ua) id EAA11258 for netramet-outgoing; Tue, 3 Dec 1996 04:05:57 +1300 (NZDT)
Received: from roma.axis.se ([email protected] [193.13.178.2]) by mailhost.auckland.ac.nz (8.8.3/8.7.3-ua) with ESMTP id EAA11250 for <[email protected]>; Tue, 3 Dec 1996 04:05:41 +1300 (NZDT)
Received: from nevyn.axis.se (nevyn.axis.se [192.168.2.52]) by roma.axis.se (8.7.5/8.7.1) with ESMTP id QAA15673 for <[email protected]>; Mon, 2 Dec 1996 16:05:21 +0100 (MET)
Received: from axis.se (localhost [127.0.0.1]) by nevyn.axis.se (8.7.1/8.7.1) with ESMTP id QAA27963 for <[email protected]>; Mon, 2 Dec 1996 16:05:20 +0100 (MET)
Message-Id: <[email protected]>
X-Mailer: exmh version 1.6.9 8/22/96
To: [email protected] (NeTraMet mailing list)
Subject: FreeBSD?
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <[email protected]>
Content-Transfer-Encoding: quoted-printable
Date: Mon, 02 Dec 1996 16:05:15 +0100
From: Joergen Haegg <[email protected]>
Sender: [email protected]
Precedence: bulk


Anyone compiled NeTraMet on FreeBSD yet?


/J=F6rgen H=E4gg



From netramet-owner  Fri Dec  6 06:19:22 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.3/8.7.3-ua) id GAA15846 for netramet-outgoing; Fri, 6 Dec 1996 06:00:43 +1300 (NZDT)
Received: from ccu1.auckland.ac.nz (ccu1.auckland.ac.nz [130.216.3.1]) by mailhost.auckland.ac.nz (8.8.3/8.7.3-ua) with ESMTP id GAA15841; Fri, 6 Dec 1996 06:00:41 +1300 (NZDT)
Received: (from nevil@localhost) by ccu1.auckland.ac.nz (8.8.3/8.7.3) id GAA07241; Fri, 6 Dec 1996 06:00:40 +1300 (NDT)
From: J Nevil Brownlee <[email protected]>
Message-Id: <[email protected]>
Subject: RTFM session at San Jose IETF meeting
To: [email protected] (RTFM mailing list),
       [email protected] (NeTraMet mailing list)
Date: Fri, 6 Dec 1996 06:00:40 +1300 (NDT)
X-Mailer: ELM [version 2.4 PL23]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: [email protected]
Precedence: bulk

Hello all:

Apologies to those on both the rtfm and netramet lists, I've posted
this note to both lists.

The RTFM working group has a session at the San Jose IETF meeting, the
morning of Wed 11 Dec.  In the agenda we have an item on 'developments
/ usage reports.'  If you'll be at IETF, and have been using NeTraMet
and/or nifty, it would be very helpful to hear a little about what
you're doing with it, and how effective/difficult/etc.  you find it.
I don't mean making a presentation (unless you really want to!), just
a few words.  If you can help with this, please send an e-mail note to
me, [email protected].

In the meantime, it would be helpful if you could simply post a short
note to the rtfm mailing list giving us a little feedback.

Thanks, Nevil

+-----------------------------------------------------------------------+
| Nevil Brownlee                       Director, Technology Development |
| Phone: +64 9 373 7599 x8941          ITSS, The University of Auckland |
|   FAX: +64 9 373 7425        Private Bag 92019, Auckland, New Zealand |
+-----------------------------------------------------------------------C

From netramet-owner  Fri Dec 13 00:54:04 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id AAA18651 for netramet-outgoing; Fri, 13 Dec 1996 00:37:47 +1300 (NZDT)
Received: from hot.ee.lbl.gov (hot.ee.lbl.gov [131.243.1.42]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with ESMTP id AAA18646 for <[email protected]>; Fri, 13 Dec 1996 00:37:44 +1300 (NZDT)
Received: by hot.ee.lbl.gov (8.7.5/1.43r)
       id DAA17763; Thu, 12 Dec 1996 03:37:41 -0800 (PST)
Message-Id: <[email protected]>
To: Gary Haney <[email protected]>
Reply-to: [email protected]
Cc: [email protected], [email protected]
Subject: Re: libpcap 0.2.1, netramet 3.3 and solaris 2.4 (x86)
In-reply-to: Your message of Tue, 01 Oct 1996 10:51:39 PDT.
Date: Thu, 12 Dec 1996 03:37:41 PST
From: Craig Leres <[email protected]>
Sender: [email protected]
Precedence: bulk


> I am having some problem getting NeTraMet to work on SunOS 4.1.4 and Irix 5.2
>
> On both systems, when I execute the NeTraMet meter I get the following:
>
> NeTraMet:  Network Traffic Meter V3.2
> Running on x1234, interface et0
> Segmentation fault (core dumped)
>
> When I do a dbx on NeTraMet, the following is returned:
> x1234# dbx NeTraMet
> Process died at pc 0x403a34 of signal: Segmentation Fault
> [using memory image in core]
> (dbx) where
> 0 ether_callback(user = (nil), h = (nil), p = (nil))
> ["../../src/meter/meter_ux.c":292, 0x403a30]
> 1 pcap_read(0x0, 0x0, 0x0, 0x1000644d, 0x0) [0x411148]
>
>
> I suspect that this has something to do with libpcap.  I got libpcap from
> ftp.ee.lbl.gov and compiled it, and installed it in /usr/lib.  Is NeTraMet
> looking for libpcap elsewhere?

Thanks for your bug report.

Some alignment bugs were fixed in the new release; see the appended
announcement. If your bugs aren't addressed by this version, please
feel free to submit a new bug report.

               Craig

------- Forwarded Message

Date: 12 Dec 1996 11:19:30 GMT
From: [email protected]
Subject: LBL tcpdump, libpcap and bpf released (Linux now supported)
Newsgroups: comp.protocols.tcp-ip,comp.os.linux.networking

-----BEGIN PGP SIGNED MESSAGE-----

The latest versions of tcpdump (3.3), libpcap (0.3) and bpf (1.1.1)
from the Network Research Group at the Lawrence Berkeley National
Laboratory are now available via anonymous ftp:

       ftp://ftp.ee.lbl.gov/tcpdump.tar.Z
       ftp://ftp.ee.lbl.gov/libpcap.tar.Z
       ftp://ftp.ee.lbl.gov/bpf.tar.Z

The main feature of these releases is the addition of Linux support.
See the libpcap INSTALL document for more detailed information.

This release does not support AIX. Although we have integrated patches
from several contributors, it is reported that the current versions are
not quite there yet. The INSTALL document has more information; if you
manage to figure this out, please send mail to the mailing list found
in the README document. (Which, by the way, consists of a tiny number
of developers who don't appreciate receiving spam.)

Another important feature is that bpf now includes support for kernel
tcp and udp connection filters. Briefly, this feature is similar to
tcp_wrappers but is implemented in the kernel (and is more powerful).
It allows the system administrator to specify general bpf filters that
reject tcp and udp connections. When a filter rejects a connection, it
is as if there was no server listening on the port. For example, it is
possible to restrict portmapper and nfs accesses to a particular subnet
or list of hosts or disallow telnet connections from off site. See the
bpf README and setbpfilter(8) man page for more information.

Each package has a CHANGES file that documents the important fixes and
enhancements in each release. In summary:

   Libpcap supports Linux. Solaris x86 problems were fixed.

   Tcpdump supports Linux. The routine gmt2local() was rewritten to
   avoid problematic os dependencies. Aligned access and byte order
   problems were fixed.

   Bpf kernel tcp and udp connection filters were added.

As usual, please direct bug reports, enhancements and comments to the
mailing list found in the README files.

               Craig

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMq/pDb2JLbUEFcrxAQHKfwP/WO2+Ubrd9qR/CPff5oXbvpr0RXdn7CkV
NkoBBbNV7YoQ/2MPyaw/9w+CNtnccAI9yviu9Iat80LI3M1iXTwuroVcFle4mwyf
1Mw5UHVAPIz6DTkWexN0DOK8XQNWl2YwcSVhFors5Za5RBaROu1UMRVUIa2KeJxt
CFrlMqSKcCw=
=kd7G
-----END PGP SIGNATURE-----

------- End of Forwarded Message

From netramet-owner  Fri Dec 13 00:54:09 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id AAA18628 for netramet-outgoing; Fri, 13 Dec 1996 00:36:18 +1300 (NZDT)
Received: from hot.ee.lbl.gov (hot.ee.lbl.gov [131.243.1.42]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with ESMTP id AAA18619 for <[email protected]>; Fri, 13 Dec 1996 00:36:10 +1300 (NZDT)
Received: by hot.ee.lbl.gov (8.7.5/1.43r)
       id DAA17744; Thu, 12 Dec 1996 03:35:54 -0800 (PST)
Message-Id: <[email protected]>
To: Matthew Flanagan <[email protected]>
Reply-to: [email protected]
Cc: [email protected], [email protected], [email protected],
       [email protected]
Subject: Re: libpcap 0.2.1, netramet 3.3 and solaris 2.4 (x86)
In-reply-to: Your message of Tue, 01 Oct 1996 02:17:14 PDT.
Date: Thu, 12 Dec 1996 03:35:54 PST
From: Craig Leres <[email protected]>
Sender: [email protected]
Precedence: bulk


I wrote:
> > Compaq 486 PC Running Solaris 2.4 (x86) with latest Recommended patches and
> > driver updates
> [...]
> > pcap_open_live(elx0): recv_ack: bind error 0x7
> >
> > I can't find the error number anywhere in /usr/include/sys/dlpi.h.
>
> I think it's DL_UNSUPPORTED (Requested serv. not supplied by provider).
>
> Please try the appended patch. It will be in the next release.

The new release is out; see the appended announcement.

               Craig

------- Forwarded Message

Date: 12 Dec 1996 11:19:30 GMT
From: [email protected]
Subject: LBL tcpdump, libpcap and bpf released (Linux now supported)
Newsgroups: comp.protocols.tcp-ip,comp.os.linux.networking

-----BEGIN PGP SIGNED MESSAGE-----

The latest versions of tcpdump (3.3), libpcap (0.3) and bpf (1.1.1)
from the Network Research Group at the Lawrence Berkeley National
Laboratory are now available via anonymous ftp:

       ftp://ftp.ee.lbl.gov/tcpdump.tar.Z
       ftp://ftp.ee.lbl.gov/libpcap.tar.Z
       ftp://ftp.ee.lbl.gov/bpf.tar.Z

The main feature of these releases is the addition of Linux support.
See the libpcap INSTALL document for more detailed information.

This release does not support AIX. Although we have integrated patches
from several contributors, it is reported that the current versions are
not quite there yet. The INSTALL document has more information; if you
manage to figure this out, please send mail to the mailing list found
in the README document. (Which, by the way, consists of a tiny number
of developers who don't appreciate receiving spam.)

Another important feature is that bpf now includes support for kernel
tcp and udp connection filters. Briefly, this feature is similar to
tcp_wrappers but is implemented in the kernel (and is more powerful).
It allows the system administrator to specify general bpf filters that
reject tcp and udp connections. When a filter rejects a connection, it
is as if there was no server listening on the port. For example, it is
possible to restrict portmapper and nfs accesses to a particular subnet
or list of hosts or disallow telnet connections from off site. See the
bpf README and setbpfilter(8) man page for more information.

Each package has a CHANGES file that documents the important fixes and
enhancements in each release. In summary:

   Libpcap supports Linux. Solaris x86 problems were fixed.

   Tcpdump supports Linux. The routine gmt2local() was rewritten to
   avoid problematic os dependencies. Aligned access and byte order
   problems were fixed.

   Bpf kernel tcp and udp connection filters were added.

As usual, please direct bug reports, enhancements and comments to the
mailing list found in the README files.

               Craig

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMq/pDb2JLbUEFcrxAQHKfwP/WO2+Ubrd9qR/CPff5oXbvpr0RXdn7CkV
NkoBBbNV7YoQ/2MPyaw/9w+CNtnccAI9yviu9Iat80LI3M1iXTwuroVcFle4mwyf
1Mw5UHVAPIz6DTkWexN0DOK8XQNWl2YwcSVhFors5Za5RBaROu1UMRVUIa2KeJxt
CFrlMqSKcCw=
=kd7G
-----END PGP SIGNATURE-----

------- End of Forwarded Message

From netramet-owner  Fri Dec 13 03:29:09 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id DAA22794 for netramet-outgoing; Fri, 13 Dec 1996 03:25:42 +1300 (NZDT)
Received: from mailhub.axion.bt.co.uk (mailhub.axion.bt.co.uk [132.146.5.4]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with SMTP id DAA22788 for <[email protected]>; Fri, 13 Dec 1996 03:25:30 +1300 (NZDT)
Received: from gideon.bt.co.uk (actually gideon.bt-sys.bt.co.uk) by mailhub.axion.bt.co.uk with SMTP (PP);
         Thu, 12 Dec 1996 14:07:34 +0000
Received: from localhost by gideon.bt.co.uk (5.x/SMI-SVR4) id AA25871; Thu, 12 Dec 1996 14:03:15 GMT
Date: Thu, 12 Dec 1996 14:03:14 +0000 (GMT)
From: George Tsirtsis <[email protected]>
To: NeTraMet <[email protected]>
Subject: nifty for Linux
Message-Id: <Pine.SOL.3.95.961212140107.25132V-100000@gideon>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: [email protected]
Precedence: bulk

Hi,

Is there any version of NeTraMet that includes nifty (preferable in binary
format)?

Cheers,

George Tsirtsis
--------------------------------------------------------------------------
Network Research                            Tel   : 0044-1473-640756
BT Labs                                     Fax   : 0044-1473-640709
Ipswich                                     e-mail: [email protected]
--------------------------------------------------------------------------


From netramet-owner  Fri Dec 13 20:18:36 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id TAA20674 for netramet-outgoing; Fri, 13 Dec 1996 19:59:26 +1300 (NZDT)
Received: from nevil.mtg.ietf.org (ietf-dhcp16.mtg.ietf.org [205.180.222.216]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with SMTP id TAA20663; Fri, 13 Dec 1996 19:59:17 +1300 (NZDT)
From: Nevil Brownlee <[email protected]>
Reply-To: Nevil Brownlee <[email protected]>
To: George Tsirtsis <[email protected]>
cc: NeTraMet <[email protected]>
Subject: Re: nifty for Linux
Message-ID: <[email protected]>
Date: Fri, 13 Dec 1996 19:59:42 +1200 ()
Priority: NORMAL
X-Mailer: Simeon for Win32 Version 4.0.7
X-Authentication: none
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
Sender: [email protected]
Precedence: bulk

Hello all:

On Thu, 12 Dec 1996 14:03:14 +0000 (GMT) George Tsirtsis
<[email protected]> wrote:

> Is there any version of NeTraMet that includes nifty (preferable in binary
> format)?

The currrent release (3.4) include the nifty sources and makefiles.
Binary tar files which include nifty are in the distribution
directory (ftp://ftp.auckland.ac.nz/pub/iawg/NeTraMet) for Solaris
and Irix (there;s also a Linux binary, but that doesn't include
nifty).

Cheers, Nevil

+---------------------------------------------------------------------+
| Nevil Brownlee                     Director, Technology Development |
| Phone: +64 9 373 7599 x8941        ITSS, The University of Auckland |
|   FAX: +64 9 373 7425      Private Bag 92019, Auckland, New Zealand |
+---------------------------------------------------------------------T




From netramet-owner  Sun Dec 15 08:31:56 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id IAA08714 for netramet-outgoing; Sun, 15 Dec 1996 08:15:42 +1300 (NZDT)
Received: from agora.rdrop.com ([email protected] [199.2.210.241]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with SMTP id IAA08709 for <[email protected]>; Sun, 15 Dec 1996 08:15:39 +1300 (NZDT)
Received: by agora.rdrop.com (Smail3.1.29.1 #17)
       id m0vYzYd-0008uxC; Sat, 14 Dec 96 11:15 PST
Message-Id: <[email protected]>
From: [email protected] (Alan Batie)
Subject: netramet on freebsd
To: [email protected]
Date: Sat, 14 Dec 1996 11:15:35 -0800 (PST)
X-Mailer: ELM [version 2.4 PL24 ME8a]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: [email protected]
Precedence: bulk

I've done a first pass port of netramet to FreeBSD; it's "working mostly",
but the snmp utils in the apps directory will take some more effort, as
4.4 BSD merged the arp table into the routing table, and some other things
have changed as well.  I'm not sure how much effort to put into this, as
they don't appear to be necessary, but I'll work on it as I get a chance.

I've got motif on order for FreeBSD and BSD/OS so I can build nifty there
as well.  When it's done, I'll send patches.  In the mean time, I'm trying
to make sense of the rule semantics.  I keep getting 0's when I first
install a new ruleset too.  It seems like I have to restart nm_rc, or
otherwise wait a while to get valid numbers for ports and addresses.  It
almost acts like because I've changed the ruleset, it doesn't have the
data I'm asking for, but it has some previously collected data?  It seems
not to be flushing out as quickly as I would expect though.  Perhaps I'm
just impatient (well, make that "definitely" :-) ).

I'm planning on using netramet at home to help manage a basement isp I've
been running for several years, and at work as a test tool to verify data
flows under rsvp.

--
Alan Batie                   ______
[email protected]        \    /      Assimilate this!
+1 503 452-0960               \  /       --Worf, First Contact
DE 3C 29 17 C0 49 7A 27        \/        40 A5 3C 37 4A DA 52 B9

It is my policy to avoid purchase of any products from companies which
use unrequested email advertisements or telephone solicitation.

From netramet-owner  Tue Dec 17 08:21:18 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id IAA09643 for netramet-outgoing; Tue, 17 Dec 1996 08:03:58 +1300 (NZDT)
Received: from scorpions.ifqsc.sc.usp.br (www.ifqsc.sc.usp.br [143.107.228.70]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with SMTP id IAA09631 for <[email protected]>; Tue, 17 Dec 1996 08:03:48 +1300 (NZDT)
Received: (from sergio@localhost) by scorpions.ifqsc.sc.usp.br (8.6.12/8.6.12) id RAA20676; Mon, 16 Dec 1996 17:03:41 GMT
Date: Mon, 16 Dec 1996 17:03:37 +0000 ()
From: Sergio Henrique Oliveira Pereira <[email protected]>
X-Sender: [email protected]
To: Lista Netramet <[email protected]>
Subject: Acessing   TCP Header
Message-ID: <Pine.BSF.3.91.961216164636.20331B-100000@scorpions.ifqsc.sc.usp.br>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: [email protected]
Precedence: bulk



   Is it possible to use NeTraMet to recognize the TCP SYN and TCP
Ack messages?

Can anybody help?

Thanks in advance.




       __
     +|oo|+
     +|oo|+          Instituto de Fisica de Sao Carlos - USP
       ||             Departamento de Fisica e Informatica
       ||             Grupo de Instrumentacao e Eletronica
       ||
       ||
       ||            E-mail : [email protected]
    _  ||  _                  [email protected]
    \\_||_//
     | [] |
     | || |     http://www.ifqsc.sc.usp.br/hpp/sergio/sergio.html
    /  []  \
    \______/



From netramet-owner  Tue Dec 17 09:45:47 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id JAA16890 for netramet-outgoing; Tue, 17 Dec 1996 09:43:41 +1300 (NZDT)
Received: from homer.is.com.fj (homer.is.com.fj [202.62.124.238]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with ESMTP id JAA16871 for <[email protected]>; Tue, 17 Dec 1996 09:43:30 +1300 (NZDT)
Received: from it.is.com.fj (it.is.com.fj [202.62.124.233]) by homer.is.com.fj (8.7.1/8.7.1) with SMTP id IAA26552 for <[email protected]>; Tue, 17 Dec 1996 08:43:06 +1200 (GMT-12)
Message-Id: <[email protected]>
X-Sender: [email protected] (Unverified)
X-Mailer: Windows Eudora Light Version 1.5.4 (32)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Tue, 17 Dec 1996 08:42:33 +1200
To: [email protected]
From: Ilaitia Tuisawau <[email protected]>
Subject: Commercial Package
Sender: [email protected]
Precedence: bulk

Bula All,

Does anyone have suggestions about the best commercial packages available
for traffic metering (and billing)? There doesn't seem to be much
available...any suggestions welcome.

TIA,
Ilaitia


From netramet-owner  Wed Dec 18 00:05:47 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id XAA02387 for netramet-outgoing; Tue, 17 Dec 1996 23:59:06 +1300 (NZDT)
Received: from papaioea.manawatu.gen.nz ([email protected] [202.36.148.67]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with SMTP id XAA02381 for <[email protected]>; Tue, 17 Dec 1996 23:59:02 +1300 (NZDT)
Received: from papaioea.manawatu.gen.nz ([email protected] [202.36.148.67]) by papaioea.manawatu.gen.nz (8.6.12/8.6.12) with SMTP id XAA23557; Tue, 17 Dec 1996 23:51:10 +1300
Date: Tue, 17 Dec 1996 23:51:08 +1300 (NZDT)
From: Alan Brown <[email protected]>
To: Ilaitia Tuisawau <[email protected]>
cc: [email protected]
Subject: Re: Commercial Package
In-Reply-To: <[email protected]>
Message-ID: <Pine.SUN.3.90.961217234928.11975y-100000@papaioea.manawatu.gen.nz>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: [email protected]
Precedence: bulk

On Tue, 17 Dec 1996, Ilaitia Tuisawau wrote:

> Does anyone have suggestions about the best commercial packages available
> for traffic metering (and billing)? There doesn't seem to be much
> available...any suggestions welcome.

I feel that data charging is pretty much unique to this part of the world.
Everyone I know who's using it is running in-house generated solutions.

AB

From netramet-owner  Fri Dec 20 07:16:03 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id GAA20809 for netramet-outgoing; Fri, 20 Dec 1996 06:58:10 +1300 (NZDT)
Received: from bill-graham.nfic.com (bill-graham.nfic.com [205.231.86.32]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with ESMTP id GAA20796 for <[email protected]>; Fri, 20 Dec 1996 06:57:50 +1300 (NZDT)
Received: (from rramstad@localhost) by bill-graham.nfic.com (8.7.3/8.7.3) id MAA02444; Thu, 19 Dec 1996 12:56:56 -0500 (EST)
Date: Thu, 19 Dec 1996 12:56:56 -0500 (EST)
Message-Id: <[email protected]>
From: Bob Ramstad <[email protected]>
To: [email protected]
cc: [email protected]
In-reply-to: <[email protected]> (message from Bob
       Ramstad on Wed, 27 Nov 1996 16:38:09 -0500 (EST))
Subject: PC Metering and Collecting
Sender: [email protected]
Precedence: bulk

howdy.  we're considering purchasing a few PCs for use as meters on
different network segments.  from the documentation, it appears that
this process is relatively straightforward.

i'm assuming that Linux would be the right way to go.  i'm also
assuming we should have no problems compiling NeTraMet using gcc.

then again, i just stumbled across the pc directory which contains
"netramet.exe" -- supiciously looking like a precompiled executable
for DOS.  from the docs, it appears that if all i want to do is run
the meter NeTraMet, this and the WATTCP.CFG file, properly edited, is
all i need.  right?

anything special required for the Ethernet board?

what is a CRYNWYR packet driver?  where can i get one?

does the computer need to have a keyboard and screen, or is this
optional?

any options for collecting on the PC other than NeMac?  nifty sure is
cool...

i'd really appreciate responses from people who have recently set up
this sort of hardware / software and have suggestions and "war
stories" about the process.  i'm not on the list so please make sure
to send responses to me directly as well.  i'm sure some of these are
relatively dumb questions, so your patience is also appreciated.
thanks!

-- Bob

From netramet-owner  Fri Dec 20 13:02:32 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id MAA16422 for netramet-outgoing; Fri, 20 Dec 1996 12:59:27 +1300 (NZDT)
Received: from ormail.intel.com (ormail.intel.com [134.134.248.3]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with ESMTP id MAA16409 for <[email protected]>; Fri, 20 Dec 1996 12:59:23 +1300 (NZDT)
Received: from ibeam.intel.com (ibeam.jf.intel.com [134.134.208.3]) by ormail.intel.com (8.8.4/8.7.3) with SMTP id PAA27721 for <[email protected]>; Thu, 19 Dec 1996 15:59:17 -0800 (PST)
Received: from aahz.jf.intel.com by ibeam.intel.com with smtp
       (Smail3.1.28.1 #6) id m0vasOo-000S69C; Thu, 19 Dec 96 16:01 PST
Received: by aahz.jf.intel.com (Smail3.1.28.1 #13)
       id m0vasMV-000hxnC; Thu, 19 Dec 96 15:58 PST
Message-Id: <[email protected]>
From: [email protected] (Alan Batie)
Subject: Where have I missed the boat?
To: [email protected]
Date: Thu, 19 Dec 1996 15:58:51 -0800 (PST)
X-Mailer: ELM [version 2.4 PL24 ME8]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: [email protected]
Precedence: bulk

I've got netramet running; I have a meter running on a bsdi system with the
following ruleset, intended to measure multicast traffic:

#
#  Rule specification file to count multicast traffic
#
SET 2
#
RULES
 SourcePeerType & 255 = IP:      Pushto, ip_pkt;
 SourcePeerType & 255 = dummy:   Ignore, 0;  # Ignore meter's dummy pkts
 Null & 0 = 0:                   GotoAct, Next;
 SourcePeerType & 255 = 0:       CountPkt, 0;    # Count packet types
#
ip_pkt:
 DestPeerAddress & 240.0.0.0 = 224.0.0.0:      CountPkt, 0;

#
FORMAT FlowIndex FlowRuleSet FirstTime DestPeerAddress ToPDUs ToOctets;
#
STATISTICS
#
# end of file

I have NeMaC running on the same system logging it, but it doesn't look
like anything's coming out of it:

#Time: 14:40:00 Thu 19 Dec 96 aahz Flows from 26262721 to 26274740
#Time: 14:42:00 Thu 19 Dec 96 aahz Flows from 26274739 to 26286758
#Time: 14:44:00 Thu 19 Dec 96 aahz Flows from 26286757 to 26298776
#Time: 14:46:00 Thu 19 Dec 96 aahz Flows from 26298775 to 26310795
#Time: 14:48:00 Thu 19 Dec 96 aahz Flows from 26310794 to 26322713
#Time: 14:50:09 Thu 19 Dec 96 aahz Flows from 26322712 to 26335624
#Time: 14:52:00 Thu 19 Dec 96 aahz Flows from 26335623 to 26346743
#Time: 14:54:00 Thu 19 Dec 96 aahz Flows from 26346742 to 26358762
#Time: 14:56:00 Thu 19 Dec 96 aahz Flows from 26358761 to 26370780
#Time: 14:58:00 Thu 19 Dec 96 aahz Flows from 26370779 to 26382798

I have nifty running read-only on a FreeBSD system (that's the only place
I have Motif at the moment): nifty -c 60 aahz public

Nifty is showing reasonable values in the little status window at the
bottom:

15:09:00 Thu 19 Dec 96, aahz exp0, , 60s sample, 3 active flows, 1.363 Mbps+/-

but not graphing anything (it would be nice if that status line were
cut/pasteable).  I've tried all scales...

--
Alan Batie                     ------        What goes up, must come down.
[email protected]        \    /        Ask any system administrator.
+1 503-264-8844 (voice)         \  /         --unknown
D0 D2 39 0E 02 34 D6 B4          \/          5A 41 21 8F 23 5F 08 9D

From netramet-owner  Fri Dec 20 20:25:49 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id UAA09066 for netramet-outgoing; Fri, 20 Dec 1996 20:18:20 +1300 (NZDT)
Received: from nc3a.nato.int (issun3.nc3a.nato.int [192.41.140.225]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with SMTP id UAA09046 for <[email protected]>; Fri, 20 Dec 1996 20:17:59 +1300 (NZDT)
Received: from compc12.nc3a.nato.int by nc3a.nato.int with SMTP id AA19495
 (5.67b/IDA-1.5 for <[email protected]>); Fri, 20 Dec 1996 08:11:51 +0100
Message-Id: <[email protected]>
X-Sender: [email protected]
X-Mailer: Windows Eudora Pro Version 2.2 (16)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Fri, 20 Dec 1996 09:24:35 +0000
To: Bob Ramstad <[email protected]>
From: Marc van Selm <[email protected]>
Subject: Re: PC Metering and Collecting
Cc: [email protected]
Sender: [email protected]
Precedence: bulk

At 12:56 PM 12/19/96 -0500, you wrote:
>howdy.  we're considering purchasing a few PCs for use as meters on
>different network segments.  from the documentation, it appears that
>this process is relatively straightforward.
>
>i'm assuming that Linux would be the right way to go.  i'm also
>assuming we should have no problems compiling NeTraMet using gcc.

You are correct. I'm using Linux because this runs on a PC (cheap probe) and
unlike the DOS-version I can restart it remotely (and upgrade it from here
instead of going to the site...)

>then again, i just stumbled across the pc directory which contains
>"netramet.exe" -- supiciously looking like a precompiled executable
>for DOS.  from the docs, it appears that if all i want to do is run
>the meter NeTraMet, this and the WATTCP.CFG file, properly edited, is
>all i need.  right?

mmm, I've used the DOS version in the past. Worked fine but I think there
were some limitations (Memory etc...) The WATTCP.CFG file is the config for
the ethernet-driver (WATTCP) I asume this driver is also there...

>anything special required for the Ethernet board?

NO, I don't think so. I've been running it with 3C503-cards. The manuals
give some info on what kind of performance you'll get when you run various
PC-platforms. (i386 with etherlink-II card will be good-enough if you are
monitoring a segment with only internet traffic. A huge lan my need a
P90+PCI-ethernet.)

>does the computer need to have a keyboard and screen, or is this
>optional?

Depends of the OS. Dos will need keyboard and linux doesn't need it. A
screen you can do without if you make sure Netramet is autostarted (or
started from remote when using Linux)

>any options for collecting on the PC other than NeMac?  nifty sure is
>cool...

NM_RC displays a formatted and sorted table on the screen (very nice!) (it
has a build-in fd-filter capability)

I'm working on a web interface for NM_RC. Almost finisched....

Happy new year...

Marc van Selm
-------------------------------------------------
Marc van Selm
NATO C3 Agency
Communication Systems Division, A-Branch
E-Mail: [email protected]
-------------------------------------------------
PGP key: http://www.cistron.nl/~selm/keymarc.asc


From netramet-owner  Fri Dec 20 21:12:20 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id VAA10565 for netramet-outgoing; Fri, 20 Dec 1996 21:11:22 +1300 (NZDT)
Received: from tron.kom.tuwien.ac.at (tron.kom.tuwien.ac.at [128.130.34.30]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with SMTP id VAA10556 for <[email protected]>; Fri, 20 Dec 1996 21:11:05 +1300 (NZDT)
Received: (from bloeser@localhost) by tron.kom.tuwien.ac.at (8.6.12/8.6.11) id JAA07919; Fri, 20 Dec 1996 09:08:04 +0100
Message-Id: <[email protected]>
Subject: Re: PC Metering and Collecting
In-Reply-To: <[email protected]> from Marc van Selm at "Dec 20, 96 09:24:35 am"
To: [email protected] (Marc van Selm)
Date: Fri, 20 Dec 1996 09:08:04 +0100 (MET)
Cc: [email protected], [email protected]
From: [email protected]
Reply-to: [email protected]
Organization: Vienna University of Technology, Austria
X-Mailer: ELM [version 2.4ME+ PL25 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: [email protected]
Precedence: bulk

> At 12:56 PM 12/19/96 -0500, you wrote:
> >howdy.  we're considering purchasing a few PCs for use as meters on
> >different network segments.  from the documentation, it appears that
> >this process is relatively straightforward.
> >
> >i'm assuming that Linux would be the right way to go.  i'm also
> >assuming we should have no problems compiling NeTraMet using gcc.
>
> You are correct. I'm using Linux because this runs on a PC (cheap probe) and
> unlike the DOS-version I can restart it remotely (and upgrade it from here
> instead of going to the site...)
>
> >then again, i just stumbled across the pc directory which contains
> >"netramet.exe" -- supiciously looking like a precompiled executable
> >for DOS.  from the docs, it appears that if all i want to do is run
> >the meter NeTraMet, this and the WATTCP.CFG file, properly edited, is
> >all i need.  right?
>
> mmm, I've used the DOS version in the past. Worked fine but I think there
> were some limitations (Memory etc...) The WATTCP.CFG file is the config for
> the ethernet-driver (WATTCP) I asume this driver is also there...
>
> >anything special required for the Ethernet board?
>
> NO, I don't think so. I've been running it with 3C503-cards. The manuals
> give some info on what kind of performance you'll get when you run various
> PC-platforms. (i386 with etherlink-II card will be good-enough if you are
> monitoring a segment with only internet traffic. A huge lan my need a
> P90+PCI-ethernet.)
>
> >does the computer need to have a keyboard and screen, or is this
> >optional?
>
> Depends of the OS. Dos will need keyboard and linux doesn't need it. A
> screen you can do without if you make sure Netramet is autostarted (or
> started from remote when using Linux)

DOS does not need a keyboard!
I am using diskless, screenless and keyboard-less PCs as probes.
And if everything is set up right, I can just plug the box
into the net wherever I need it and press the power button.
It boots from floppy and autostarts NeTraMet.
All there is to do is to configure the necessary network parameters
in the WATTCP.CFG file (before I send someone off with the box to
install it). Works great for us.

>
> >any options for collecting on the PC other than NeMac?  nifty sure is
> >cool...
>
> NM_RC displays a formatted and sorted table on the screen (very nice!) (it
> has a build-in fd-filter capability)
>
> I'm working on a web interface for NM_RC. Almost finisched....
>
> Happy new year...
>
> Marc van Selm
> -------------------------------------------------
> Marc van Selm
> NATO C3 Agency
> Communication Systems Division, A-Branch
> E-Mail: [email protected]
> -------------------------------------------------
> PGP key: http://www.cistron.nl/~selm/keymarc.asc
>
>

Wishing you all a peaceful Christmas,  Fritz
--
Friedrich Bloeser                         [email protected]
Computing Services, Communication Group   phone: (+43 1) 588 01-5810
Vienna Univ. of Technology, Austria       fax:   (+43 1) 587 42 11

From netramet-owner  Sat Dec 21 05:28:05 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id FAA21482 for netramet-outgoing; Sat, 21 Dec 1996 05:23:31 +1300 (NZDT)
Received: from nc3a.nato.int (issun3.nc3a.nato.int [192.41.140.225]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with SMTP id FAA21466 for <[email protected]>; Sat, 21 Dec 1996 05:23:08 +1300 (NZDT)
Received: from compc12.nc3a.nato.int by nc3a.nato.int with SMTP id AA26845
 (5.67b/IDA-1.5 for <[email protected]>); Fri, 20 Dec 1996 17:10:58 +0100
Message-Id: <[email protected]>
X-Sender: [email protected]
X-Mailer: Windows Eudora Pro Version 2.2 (16)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Fri, 20 Dec 1996 18:23:59 +0000
To: [email protected]
From: Marc van Selm <[email protected]>
Subject: Re: PC Metering and Collecting
Cc: [email protected], [email protected]
Sender: [email protected]
Precedence: bulk

At 09:08 AM 12/20/96 +0100, [email protected] wrote:

>DOS does not need a keyboard!
>I am using diskless, screenless and keyboard-less PCs as probes.
>And if everything is set up right, I can just plug the box
>into the net wherever I need it and press the power button.
>It boots from floppy and autostarts NeTraMet.
>All there is to do is to configure the necessary network parameters
>in the WATTCP.CFG file (before I send someone off with the box to
>install it). Works great for us.

You might be right. I was just thinking of the famous error message brougth
to you by Microsoft:

"No keyboard connected, press F1 to continue"

But if it works for you, it should work for all..

Happy new year, and Christmas...

Marc van Selm
-------------------------------------------------
Marc van Selm
NATO C3 Agency
Communication Systems Division, A-Branch
E-Mail: [email protected]
-------------------------------------------------
PGP key: http://www.cistron.nl/~selm/keymarc.asc


From netramet-owner  Sun Dec 22 04:07:06 1996
Received: (from majordom@localhost) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) id DAA18897 for netramet-outgoing; Sun, 22 Dec 1996 03:50:53 +1300 (NZDT)
Received: from papaioea.manawatu.gen.nz ([email protected] [202.36.148.67]) by mailhost.auckland.ac.nz (8.8.4/8.7.3-ua) with SMTP id DAA18888 for <[email protected]>; Sun, 22 Dec 1996 03:50:28 +1300 (NZDT)
Received: from papaioea.manawatu.gen.nz ([email protected] [202.36.148.67]) by papaioea.manawatu.gen.nz (8.6.12/8.6.12) with SMTP id DAA01677; Sun, 22 Dec 1996 03:42:50 +1300
Date: Sun, 22 Dec 1996 03:42:49 +1300 (NZDT)
From: Alan Brown <[email protected]>
To: [email protected]
cc: Marc van Selm <[email protected]>, [email protected],
       [email protected]
Subject: Re: PC Metering and Collecting
In-Reply-To: <[email protected]>
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: [email protected]
Precedence: bulk

On Fri, 20 Dec 1996 [email protected] wrote:

> DOS does not need a keyboard!

To be more precise: DOS doesn't need a keyboard, but many bios's do.

Most modern bios' allow the keyboard to be set to "not installed", after
which, a keyboard is no longer necessary.

If a machine absolutely has to have a keyboard to start, dump it.

AB
Stamp out unauthorised relay-hosting. This SMTP "feature" shouldn't default "on"
See http://www.vix.com/spam/ and http://www.sendmail.org/antispam.html

Junk email returned, in bulk, back to sender; w/copies to all postmasters.

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.