[ Thanks to Artem
Nosulchik for this link. ]
“Using nfsen it is possible to view IP traffic
statistics on Linux interfaces including the graphs showing data
sent and received (see the screenshot to the right) as well as
historical information about all data transfers. So after you’ve
configured nfsen and nfdump to monitor traffic on certain Linux
server or router you’ll be able to answer the following example
questions: What IP was downloading data through 48161 last
Wednesday? or How many bytes were sent to IP 8.8.8.8 via 53 port
from Linux server? These are the only examples so nfdump and nfdump
netflow tools gives you wide range of capabilities to monitor and
analyze traffic on your Linux host.“Netflow is the protocol developed by Cisco to manage data about
IP traffic. In a few words using Netflow you can collect data about
all IP data send/received on multiple Cisco/Linux/BSD/Juniper hosts
and send it to central Netflow collector that will show you the
nice graphs and also will allow to have a complete picture of what
data was sent/received on those hosts (including destination and
source IP, port, bytes transfered, int/out interfaces etc). Nfdump
is netflow collector. Nfsen is graphical tools for generating
graphs and querying Nfdump for historical traffic reports. In this
article you will see how to deploy all this staff in Linux.”