Section: Maintenance Commands (8)Updated: 24 November 2004Local indexUp
NeTAMS - Network Traffic Accounting and Monitoring Software.
is a Network Traffic Accounting and Monitoring Software. It works as a
daemon for FreeBSD, Linux and Solaris operating systems. Supported traffic
information sources are tee/divert/ip_queue/libpcap/netflow v5; storages are
BerkleyDB/MySQL/PostgresSQL. Various aggregation, vizualisation and notification
ways are implemented. Authorization, quotas, bandwidth control, flexible accounting and
blocking policies are also here.
do not become daemon
specifies an alternate configuration file to use.
turn logging to file on
turn logging to syslog on
specifies an alternate pid file to use.
do not create a pid file (by default, pid file created while options -l or -L used)
do not produce any output
You can run NeTAMS in three different modes depending on data source type:
allows you to capture all traffic on specified interface, exactly
as tcpdump does.
collects all NetFlow v5 UDP packets coming from Cisco router or external flow producer like
flowprobe/ipfw2netflow/ng_netflow. You don't need in any additional system features
to run libpcap or netflow accounting, but you cannot do any filtering with these data sources.
divert or ipq
captures all IP traffic going via your UNIX router, and you need to prepare system for that.
If you system is FreeBSD, your kernel configuration must have:
otherwise you will be not able to pass data packets to the program. Type
"dmesg" and have a look.
If you have Linux, you must use kernels 2.4.* or above, and iptables. Your
system must have netfilter package and libipq library properly installed;
both are typically not in a default installation. You should visit
http://www.netfilter.org site, read the documentation, download, install it
and rebuild a kernel. Or at least check 'modprobe ip_queue'.