Monitoring network usage excluding local traffic


Problem description

I am working on an app that monitors network usage. However, I noticed many ways to do this do not allow exclusion of local traffic (say, Time Machine).

I am looking for a way to exclude local traffic, and only monitor usage that goes directly to/from the internet.

Update: Thank you for your replies, now I know how to find if the traffic is local, but I still don't know how I can calculate total in/out bytes (sorry if I didn't elaborate earlier). I have no way of knowing how many bytes are sent/received locally (or to the internet) in a certain period of time, or since the OS starts. This problem is further complicated by the fact that processes are launched or killed while the OS is running.

The answer to the question "How to get network adapter stats in linux/Mac OSX?" gives an interesting way of summing up total usage, but it doesn't help because the usage it sums up is interface statistics.

Update 2: I've posted my final solution to this. Please scroll down a bit to see.

Solution

The final working solution I have is to use libpcap to achieve this. Of course there are some downsides, including that it requires elevated privileges and must capture all filtered packets to calculate statistics, but at least it works perfectly well.

Much of the documentation and many of the tutorials on libpcap are fairly thorough and clear; I suggest everyone interested in this solution look at those, with relatively little google-fu effort.

Also, it may interest a few that my filter for internet traffic is simply the following:

- (NSString *)_internetFilterStringForInterface:(AKNetworkInterface *)interface
    inOrOut:(BOOL)inYesOutNo
{
    // A filter needs the interface's network, mask and at least one address.
    if (![interface net] || ![interface mask] || IsEmpty([interface addresses]))
    {
        return nil;
    }

    // Inbound packets have this host as destination, outbound as source.
    NSString *hostType = inYesOutNo ? @"dst" : @"src";
    NSString *host = nil;
    for (NSString *hostComponent in [interface addresses])
    {
        if (IsEmpty(hostComponent)) continue;
        if (!host)
            host = [NSString stringWithFormat:@"(%@ host %@", hostType, hostComponent];
        else
            host = [host stringByAppendingFormat:@" or %@ host %@", hostType, hostComponent];
    }
    // Every address was empty, so no host clause can be built.
    if (!host) return nil;
    host = [host stringByAppendingString:@")"];

    // Shorten e.g. 192.168.1.0 to 192.168.1, which pcap reads as a /24 network.
    NSString *net = [interface netString];
    net = [net stringByReplacingOccurrencesOfString:@".0" withString:@""];

    // Drop packets whose peer (src when inbound, dst when outbound) is on the local network.
    NSString *filter = [NSString stringWithFormat:
                        @"ip and (not %@ net %@) and %@",
                        inYesOutNo ? @"src" : @"dst",
                        net, host];
    return filter;
}

The filter is designed with some of the answers about what counts as 'local traffic' in mind. I know it does not encompass some edge cases such as double NAT configurations, etc., but I would like to see suggestions about this.

I know net = [net stringByReplacingOccurrencesOfString:@".0" withString:@""]; is just a quick hack which could easily fail under some peculiar circumstances, but hey, no one is complaining, at least not yet.
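
As an added example (not part of the original post), the Python sketch below builds the same filter but writes the local network in CIDR form from the address and mask, and shows which networks the ".0" removal changes once pcap interprets the shortened form. The function names and the sample addresses are assumptions made for illustration.

```python
import ipaddress

def internet_filter(addresses, netmask, inbound):
    """pcap filter for IPv4 traffic between this host and peers outside its subnet."""
    addrs = [ipaddress.IPv4Address(a) for a in addresses if a]
    if not addrs or not netmask:
        return None
    # Assumption: all addresses share the first address's subnet. The subnet is
    # written as "net <addr>/<len>", which pcap accepts, instead of trimming ".0".
    subnet = ipaddress.IPv4Network(f"{addrs[0]}/{netmask}", strict=False)
    host_dir, peer_dir = ("dst", "src") if inbound else ("src", "dst")
    hosts = " or ".join(f"{host_dir} host {a}" for a in addrs)
    return f"ip and (not {peer_dir} net {subnet}) and ({hosts})"

def trimmed_net_meaning(net_string):
    """Network pcap would match after the post's '.0' removal.

    pcap reads a shortened dotted form as 8 prefix bits per octet given
    (a full dotted quad is a single-host match).
    """
    octets = net_string.replace(".0", "").split(".")
    padded = ".".join(octets + ["0"] * (4 - len(octets)))
    return ipaddress.IPv4Network(f"{padded}/{8 * len(octets)}")

# Constructed sample interfaces: (address, netmask, netString)
SAMPLES = [
    ("192.168.1.23", "255.255.255.0", "192.168.1.0"),
    ("10.0.1.7", "255.255.255.0", "10.0.1.0"),
    ("192.168.0.5", "255.255.255.0", "192.168.0.0"),
]

def compare(samples=SAMPLES):
    """Return (real subnet, subnet implied by trimming, agree?) per sample."""
    rows = []
    for addr, mask, net_string in samples:
        real = ipaddress.IPv4Network(f"{addr}/{mask}", strict=False)
        trimmed = trimmed_net_meaning(net_string)
        rows.append((str(real), str(trimmed), real == trimmed))
    return rows

if __name__ == "__main__":
    print(internet_filter(["192.168.1.23"], "255.255.255.0", inbound=True))
    for row in compare():
        print(row)
```

When the trimmed network is wider than the real one, traffic to routed neighbours is counted as local; when it names a different network entirely, local traffic is counted as internet traffic.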
