I have something to share that I’ve been working on for the office. When the Internet seems slow I like to be able to see who is doing what, and that is what this little Windows app does. It looks like this:
It is also extremely useful to see the traffic shaping effects when playing around with shaping rules on your Mikrotik router. It uses the Accounting feature of your router.
The tool with basic instructions is attached to this post or you can download it from the links below.
I hope this can be of use to someone! Comments welcome.
Daniel
PS: I know this is technically not a ‘sniffer’ but it actually started off as one so the name stuck.
EDIT:
I added a new version to this post (V1.0.3). Download the service and viewer from the links below. I had to split them because the forum does not allow files larger than 1 MB any more.
Change Log:
V1.0.3 (2014-06-24)
Download: Viewer and Service
Ability to specify service name
Use keepalive on service
Added code to help plink.exe start up the first time
Added more FAQ’s to readme.txt
V1.0.2 (2014-01-15)
Added ability to track multiple subnets
Fixed and improved logging for service
Removed ‘Save to CSV’ button which was not working
I have something to share that I’ve been working on for the office. When the Internet seems slow I like to be able to see who is doing what, and that is what this little Windows app does. It looks like this:
brother is there any solution for realtime traffic monitor for LAN to internet side (WAN) which also resolve address to host like sniffer
Not sure I understand the question. This tool shows all traffic going through the router (Lan to Internet) and shows host names. Sounds like that is what you need?
Works great, I really like it. The colorscheme is abit hard to get used to but its quite handy I love it. However if I may make some suggestions, perhaps a way to sort/filter the IP’s for future versions ? You have all these columns but I can’t use them to sort the list and see which user has the highest send/receive or total download…etc. Or the ability to filter, i.e monitor a few specific IP’s, known downloaders and such, perhaps a list ? Anyways, great work, I’ve been looking for something like this for a while, and its fairly simple to get working.
edit:
you may wanna double check the numbers, for some reason its reporting some of my IP’s over their 1mb limit, but I have winbox opened and its barely close to the limit
Thanks for the feedback, glad you like it! The colour scheme is the same as the one used in munin. The columns are sorted by total transfer size (sum of up and down traffic) i.e. your top users will be listed first. Active users (>= 100kbps up or down) will be marked in bold so they will stand out anyway. Our office is only 16 people so showing the 30 most active ones is really sufficient. On a Lan with more than 30 machines all IP’s generating traffic are always shown but all the ones more than 30 are summed together as ‘other’ on the graph.
I’m surprised to hear your numbers are out because I find it very accurate. I do use a 5 second running average, however, so you will see some smoothing out. But a sustained load should be reflected quite accurately. I would be curious what other users experience.
Hmm, you’re right about the CSV. I actually never use it but I’ll fix/remove it for a next version. Does anyone need it?
The viewer app has no history capability, only real-time. I do have a (slightly crude but working) munin plugin that will plot the same details for day/week/month/year if anyone is interested. It connects to the same service as the viewer does. Of course you will need a working munin setup.
Here you go. Note that it is written in python so you will need that too.
I’m no python programmer, so it can probably be done much cleaner. But it does the job.
Good day,
please can anyone assist in setting up attrix5. i configured it to listen on port 85 and i get this message on the snifferservice.txt file on the service PC
cannot get traffic:connect timeout. (172.0.0.1:80)
the viewer screen is blank.
