| View previous topic :: View next topic |
| Author |
Message |
puddpunk
l33t
Joined: 20 Jul 2002
Posts: 681
Location: New Zealand
|
 Posted: Wed Mar 03, 2004 8:31 am Post subject: Connection Control in Linux |
 |
|
Hey Guys,
At home, I'm thinking of replacing my SUSE based server/firewall with Gentoo and some wicked security stuff (i.e. GRSec and maybe selinux if I can get around to it). I've decided to use Gentoo for this because I have a lot of experience in keeping it running.
Anyway, this is to a be a "server of all trades" and run a mail server (Qmail with VPopmail, courier-imap and f-prot.), a web server (apache) for internal (LAN) and external (web) access and WWW and FTP caching (squid). It will be a file/print sharing box for the internal network (via samba, cups and NFS), monitor incoming traffic to a MySQL database (snort) and be displayed on the web (acid). It will also provide DHCP addresses to the internal network.
Now most of these goodies can be controlled through a decent web interface (webmin, acid, swat, qmail-admin etc...) but the one thing i miss from when we had a Windows 2000 server with winproxy on it is the ability to easily view connections, and deal with those connections how you will.
For instance, there would be a tree display like this:
192.168.0.1
| - <LAN source> <destination> <port> <duration>
| - 192.168.0.2 www.google.com 80 20
And on that connection I could click and have options like: Terminate etc....
Now I'm not looking for anything as fancy as that, but what would be nice is if I could load a webpage with... probably a java applet that can keep up with the connections and states would be nice, but even a PHP script or something that keeps updating and allows me to terminate, or throttle a connection.
I could easily terminate or throttle a connection from the command line using tcpkill or tcpnice from the dsniff tool set, but aside from being incredibly out of date, I don't exactly trust those programs on my internet-accessable server!
So has anybody come across something even remotely like this? Even something that I can hack on and perhaps add features to. I've had a quick look at things like ntop but it didnt really fit my needs.
Any advice welcome,
Cheers,
Chris.
_________________
THIS SIG INTENTIONALLY LEFT BLANK |
|
| Back to top |
|
 |
revertex
l33t
Joined: 23 Apr 2003
Posts: 806
|
| Posted: Wed Mar 03, 2004 11:04 am Post subject: |
|
|
I'm sure you will be surprised with ntop.
Awesome app., i don't know why there so little popularity.
http://www.ntop.org/ntop.html
Cheers |
|
| Back to top |
|
|
mallchin
l33t
Joined: 21 Jan 2003
Posts: 655
Location: United Kingdom
|
| Posted: Mon Apr 26, 2004 5:41 pm Post subject: |
|
|
Does ntop allow one to throttle a network connection?
_________________
6700 @ 2.66GHz, 4Gb RAM, 2 x 500Gb, 8800 GTX, PhysX, X-Fi, 24" Widescreen, Tux mascot |
|
| Back to top |
|
|
revertex
l33t
Joined: 23 Apr 2003
Posts: 806
|
| Posted: Tue Apr 27, 2004 8:20 am Post subject: |
|
|
| mallchin wrote: | | Does ntop allow one to throttle a network connection? |
I can't believe that, ntop is just a measure tool. |
|
| Back to top |
|
|
mallchin
l33t
Joined: 21 Jan 2003
Posts: 655
Location: United Kingdom
|
| Posted: Tue Apr 27, 2004 10:09 am Post subject: |
|
|
| revertex wrote: | | mallchin wrote: | | Does ntop allow one to throttle a network connection? |
I can't believe that, ntop is just a measure tool. |
I see, much like top, aah well, always hope... 
_________________
6700 @ 2.66GHz, 4Gb RAM, 2 x 500Gb, 8800 GTX, PhysX, X-Fi, 24" Widescreen, Tux mascot |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
