[WBEL-users] Monitor users
Rob Freeman
sysadmin@fleetone.com
Thu, 1 Jul 2004 11:53:44 -0500
Maybe put that in a scrip and run it from cron?
/usr/local/bin/tcpdump1.sh
#!/bin/bash
/usr/sbin/tcpdump -a -p -i eth0 tcp and dst port 80 > /log/port80_`date
'+%F-%A'`.tcpdump
chmod 755 /usr/local/bin/tcpdump1.sh
Rob
----- Original Message -----
From: <whitebox@911networks.com>
To: <whitebox-users@beau.org>
Sent: Thursday, July 01, 2004 11:41 AM
Subject: [WBEL-users] Monitor users
> Hi,
>
> I have a WBox acting as firewall. I'd like to track the outgoing
> traffic [web and others] with the IP address source [192.168.x.x]
> and the destination IP/port.
>
> I have have been using tcpdump for this, but I can't get it
> working from the a cron job.
>
> 1 0 * * * /usr/sbin/tcpdump -a -p -i eth0 tcp and dst port 80 >
/log/port80_`date '+%F-%A'`.tcpdump
> 57 23 * * * /bin/ps auxw | grep nscd | grep -v grep | awk '{print $2}' |
xargs kill
> 58 23 * * * /bin/cp /log/port80_`date '+%F-%A'`.tcpdump /log/backup/
> 59 23 * * * /bin/tar -czf /log/backup/p80_`date '+%F-%A'`.tar
/log/backup/port80_`date '+%F-%A'`.tcpdump
>
>
> Any suggestion would be appreciated
>
> --
> Thanks
> whitebox@911networks.com
>
>
> _______________________________________________
> Whitebox-users mailing list
> Whitebox-users@beau.org
> http://beau.org/mailman/listinfo/whitebox-users