Russian koi-8

BPF traffic collector v4

BPFT is a traffic accounting daemon and data manadgement toos. Daemon builds on top of libpcap and uses BPF mechanism for capturing IP traffic. (BPF is a Berkley Packet Filter "pseudo-device").

Features

  • Logging all ip traffic on a specified network interface. Store information of source and destination IP addresses and ports, number of packets and transmitted/received bytes.
  • Store all information into one binary file in compact form (via cron).
  • Retrieve stored information on different criterias.
  • Retrieve actial (not stored) information from daemon via network or local socket.
  • Save backups from memory into disk file (via cron usually), restore at daemon start.
  • Tested on FreeBSD and OpenBSD.

    Requirements

  • Unix-like OS
  • PCAP library

    Autors

    Vladimir Vorobyev create BPFT project and make version up to bpft 2.0
    Vitaly V. Belekhov made TRAFD v.3.0
    Stas Degteff made and develop BPFT v.4 and create this page.

    Add-ons

  • Scripts to process the BPFT statistics with MySQL is written by Andrey Y. Ostanovsky.
  • Scripts set to build a html files where contents daily and monthly statistics is written by Albert MW.

    Related resources

  • trafd v3 by Stanislav Svirid & Dmitry Frolov
  • bpft prior to v3 by Vladimir Vorobyev
  • IPCAD by Lev Walkin
  • IPBANG: IP Bandwidth Watchdog by Andrew Nevynniy
  • IPACCTD: IP Accounting Daemon by Roman V. Palagin
  • NG_IPACCT: IP Accounting Netgraph Module by Roman V. Palagin (FreeBSD >=4.x only)
  • NETAMS: Network Traffic Accounting and Monitoring Software by Anton L. Vinokurov and Yuriy N. Shkandybin (not fully free).
  • Original NET-ACCT by Ulrich Callmeier and many volunteers.
  • net-acct clone by Richard Clark
  • netacct-mysql by Boril Yonchev
  • IPA: IP Accounting Software by Andrey Simonenko (*BSD only, uses firewall rules)
    BPFT4 project and this page hosted on
    using it's services.     		SourceForge.net Logo