A company asked me to analyze some of their network traffic to verify that some of the cost-cutting projects they are working on won’t impact their business. One of the projects includes removing a 100 Mbps fiber connection to their colocation and replacing it with an asymmetric cable modem connection with 50 Mbps download and 5 Mbps upload. Unfortunately, they do not have any solid historical network data capture software such as Cacti, so before setting up such a service I had to provide initial data via what was available. One of the tools I was able to use was the dashboard data that lives in memory on their FortiGate 200A. Below are details on where to find this data in the FortiGate 200A dashboard.
Earlier today I needed to find the quickest and easiest way to monitor all traffic to and from a specific device on my network. The goal was to see how much bandwidth the device was using over a specific amount of time. My initial hope was that I could configure port monitoring on my WRT54G running DD-WRT firmware; however, I quickly found out this is not an option. I eventually settled on adding a couple of iptables commands that would send all traffic destined for or sourced from a specific IP address to another IP address. Follow the directions below to add the iptables commands to a router running DD-WRT firmware and then to capture the traffic on a computer running Wireshark.