18,356
社区成员
发帖
与我相关
我的任务
分享如何监测本地机器的网络流量(急)
如何监测本地机器的网络流量?我想监测一台服务器的网络流量,因为它的客户端有600个,如果600个用户同时拷贝文件的话,可能会出现问题。求源码。
...全文
请发表友善的回复…
发表回复
williamxia8 2003-07-08
- 打赏
- 举报
多谢虽然分少了点,谢谢楼上两位
Kylix_XP 2003-07-08
- 打赏
- 举报
使用winpcap吧..很容易 搞定..我只有linux下的程序..呵呵..
http://winpcap.polito.it/install/default.htm有教程(http://winpcap.polito.it/docs/man/html/index.html)和有关winpcap的下载..
关于采集流量:教程中有源码如下:
#include <stdlib.h>
#include <stdio.h>
#include <pcap.h>
void usage();
void dispatcher_handler(u_char *,
const struct pcap_pkthdr *, const u_char *);
void main(int argc, char **argv) {
pcap_t *fp;
char error[PCAP_ERRBUF_SIZE];
struct timeval st_ts;
u_int netmask;
struct bpf_program fcode;
/* Check the validity of the command line */
if (argc != 2)
{
usage();
return;
}
/* Open the output adapter */
if((fp = pcap_open_live(argv[1], 100, 1, 1000, error) ) == NULL)
{
fprintf(stderr,"\nError opening adapter: %s\n", error);
return;
}
/* Don't care about netmask, it won't be used for this filter */
netmask=0xffffff;
//compile the filter
if(pcap_compile(fp, &fcode, "tcp", 1, netmask) <0 ){
fprintf(stderr,"\nUnable to compile the packet filter. Check the syntax.\n");
/* Free the device list */
return;
}
//set the filter
if(pcap_setfilter(fp, &fcode)<0){
fprintf(stderr,"\nError setting the filter.\n");
/* Free the device list */
return;
}
/* Put the interface in statstics mode */
pcap_setmode(fp, MODE_STAT);
printf("TCP traffic summary:\n");
/* Start the main loop */
pcap_loop(fp, 0, dispatcher_handler, (PUCHAR)&st_ts);
return;
}
void dispatcher_handler(u_char *state, const struct pcap_pkthdr *header, const u_char *pkt_data)
{
struct timeval *old_ts = (struct timeval *)state;
u_int delay;
LARGE_INTEGER Bps,Pps;
struct tm *ltime;
char timestr[16];
/* Calculate the delay in microseconds from the last sample. */
/* This value is obtained from the timestamp that the associated with the sample. */
delay=(header->ts.tv_sec - old_ts->tv_sec) * 1000000 - old_ts->tv_usec + header->ts.tv_usec;
/* Get the number of Bits per second */
Bps.QuadPart=(((*(LONGLONG*)(pkt_data + 8)) * 8 * 1000000) / (delay));
/* ^ ^
| |
| |
| |
converts bytes in bits -- |
|
delay is expressed in microseconds --
*/
/* Get the number of Packets per second */
Pps.QuadPart=(((*(LONGLONG*)(pkt_data)) * 1000000) / (delay));
/* Convert the timestamp to readable format */
ltime=localtime(&header->ts.tv_sec);
strftime( timestr, sizeof timestr, "%H:%M:%S", ltime);
/* Print timestamp*/
printf("%s ", timestr);
/* Print the samples */
printf("BPS=%I64u ", Bps.QuadPart);
printf("PPS=%I64u\n", Pps.QuadPart);
//store current timestamp
old_ts->tv_sec=header->ts.tv_sec;
old_ts->tv_usec=header->ts.tv_usec;
}
void usage()
{
printf("\nShows the TCP traffic load, in bits per second and packets per second.\nCopyright (C) 2002 Loris Degioanni.\n");
printf("\nUsage:\n");
printf("\t tcptop adapter\n");
printf("\t You can use \"WinDump -D\" if you don't know the name of your adapters.\n");
exit(0);
}
http://winpcap.polito.it/install/default.htm有教程(http://winpcap.polito.it/docs/man/html/index.html)和有关winpcap的下载..
关于采集流量:教程中有源码如下:
#include <stdlib.h>
#include <stdio.h>
#include <pcap.h>
void usage();
void dispatcher_handler(u_char *,
const struct pcap_pkthdr *, const u_char *);
void main(int argc, char **argv) {
pcap_t *fp;
char error[PCAP_ERRBUF_SIZE];
struct timeval st_ts;
u_int netmask;
struct bpf_program fcode;
/* Check the validity of the command line */
if (argc != 2)
{
usage();
return;
}
/* Open the output adapter */
if((fp = pcap_open_live(argv[1], 100, 1, 1000, error) ) == NULL)
{
fprintf(stderr,"\nError opening adapter: %s\n", error);
return;
}
/* Don't care about netmask, it won't be used for this filter */
netmask=0xffffff;
//compile the filter
if(pcap_compile(fp, &fcode, "tcp", 1, netmask) <0 ){
fprintf(stderr,"\nUnable to compile the packet filter. Check the syntax.\n");
/* Free the device list */
return;
}
//set the filter
if(pcap_setfilter(fp, &fcode)<0){
fprintf(stderr,"\nError setting the filter.\n");
/* Free the device list */
return;
}
/* Put the interface in statstics mode */
pcap_setmode(fp, MODE_STAT);
printf("TCP traffic summary:\n");
/* Start the main loop */
pcap_loop(fp, 0, dispatcher_handler, (PUCHAR)&st_ts);
return;
}
void dispatcher_handler(u_char *state, const struct pcap_pkthdr *header, const u_char *pkt_data)
{
struct timeval *old_ts = (struct timeval *)state;
u_int delay;
LARGE_INTEGER Bps,Pps;
struct tm *ltime;
char timestr[16];
/* Calculate the delay in microseconds from the last sample. */
/* This value is obtained from the timestamp that the associated with the sample. */
delay=(header->ts.tv_sec - old_ts->tv_sec) * 1000000 - old_ts->tv_usec + header->ts.tv_usec;
/* Get the number of Bits per second */
Bps.QuadPart=(((*(LONGLONG*)(pkt_data + 8)) * 8 * 1000000) / (delay));
/* ^ ^
| |
| |
| |
converts bytes in bits -- |
|
delay is expressed in microseconds --
*/
/* Get the number of Packets per second */
Pps.QuadPart=(((*(LONGLONG*)(pkt_data)) * 1000000) / (delay));
/* Convert the timestamp to readable format */
ltime=localtime(&header->ts.tv_sec);
strftime( timestr, sizeof timestr, "%H:%M:%S", ltime);
/* Print timestamp*/
printf("%s ", timestr);
/* Print the samples */
printf("BPS=%I64u ", Bps.QuadPart);
printf("PPS=%I64u\n", Pps.QuadPart);
//store current timestamp
old_ts->tv_sec=header->ts.tv_sec;
old_ts->tv_usec=header->ts.tv_usec;
}
void usage()
{
printf("\nShows the TCP traffic load, in bits per second and packets per second.\nCopyright (C) 2002 Loris Degioanni.\n");
printf("\nUsage:\n");
printf("\t tcptop adapter\n");
printf("\t You can use \"WinDump -D\" if you don't know the name of your adapters.\n");
exit(0);
}
chenqsbeast 2003-07-08
- 打赏
- 举报
1)它能够管理整个局域网硬件情况(cpu 、硬盘、内存、网卡);
2)能够监测你的机器是否有木马;
3)sniff功能(截获网楼全部的数据流以共分析)
4)可以管理某台机器是否被访问!
5)监控你自己的机器内存、cpu使用情况,如果达到极限,报警(要有音响)
6)统计网络数据流量
7)远程关机、重器、以及注销
8)如果远程机器的cpu的温度升高到警戒线,就主动(不用巡测了)传回主台,并报警。
9)对远程计算机进行对时,并召回远程计算机的系统时间!
10)在主台还可以对远程机器的cpu进行降温处理!
11)增加了对网内是否有sniff功能的软件的监测!
下再地址:
http://www.zgtcc.com/upload/files/xinxi/F:XBakX20030305XNetAdminXNetAdminXLib.zip
2)能够监测你的机器是否有木马;
3)sniff功能(截获网楼全部的数据流以共分析)
4)可以管理某台机器是否被访问!
5)监控你自己的机器内存、cpu使用情况,如果达到极限,报警(要有音响)
6)统计网络数据流量
7)远程关机、重器、以及注销
8)如果远程机器的cpu的温度升高到警戒线,就主动(不用巡测了)传回主台,并报警。
9)对远程计算机进行对时,并召回远程计算机的系统时间!
10)在主台还可以对远程机器的cpu进行降温处理!
11)增加了对网内是否有sniff功能的软件的监测!
下再地址:
http://www.zgtcc.com/upload/files/xinxi/F:XBakX20030305XNetAdminXNetAdminXLib.zip
williamxia8 2003-07-08
- 打赏
- 举报
怎么没人回应呢,提示一下也好啊。工作急需!!!!多谢各位了!
