Description:

For analysis and monitoring purposes it is useful to check the interfaces of a network device. In doing so the traffic throughput for individual interfaces can be read out, for example. On a LANCOM R&S®Unified Firewall this can be done via the CLI command iptraf-ng.

This article describes how information regarding individual interfaces can be read out on a Unified Firewall via the CLI command iptraf-ng. 

The tool iptraf-ng is available in all versions up to and including LCOS FX 10.6. However LANCOM Systems cannot guarantee, that this tool will still be available in future LCOS FX versions.



Requirements:


Procedure:

1) Starting the network monitoring tool "iptraf-ng":

1.1) Connect to the Unified Firewall with an SSH client and login with the user gpadmin.

1.2) Enter the command sudo -i to gain root permissions and acknowledge the password prompt by entering the password for the user gpadmin.  

1.3) Enter the command iptraf-ng.

1.4) There are five different menus, which show different status informaton. These are described in detail in step 2).



2) Various monitoring possibilities: 

In some menus it is necessary to specify an interface to be monitored. The interfaces are also shown in the monitoring views. The following interfaces can be selected:

  • All interfaces: Information for all interfaces is shown
  • lo: Information for the loopback address 127.0.0.1 is shown
  • ethx: Information for a specific ethernet port is shown (e.g. eth0)
  • tunx: Information for a specific VPN SSL tunnel is shown (e.g. tun0)
  • xfrmx: Information for a specific IPSec VPN tunnel is shown (e.g. xfrm1)

2.1) IP traffic monitor:

2.1.1) Select an Interface to be monitored (in this example All interfaces).

2.1.2) This view shows the ports the IP addresses use for communication and to which interface the IP addresses are connected. 


2.2) General interface statistics:

This view shows the number of packets as well as the data throughput for individual interfaces.


2.3) Detailed interface statistics:

2.3.1) Select an interface to be monitored (in this example eth2).

2.3.2) This view shows the current data throughput as well as the number of transmitted packets for a specific interface.

 


2.4) Statistical breakdowns:

2.4.1) Choose if you want the output to be filtered by packet size (By packet size) or by ports (By TCP/UDP port).

2.4.2) Select an interface to be monitored (in this example eth2).

2.4.3) The different filter options by packet size and by ports, which are configured in step 2.4.1) are shown below:


2.5) LAN station monitor:

2.5.1) Select an interface to be monitored (in this example All interfaces).

2.5.2) This view shows which stations in the local network (MAC address) are connected and how much traffic they transmit.