10514 questions

12523 answers

19448 comments

22055 members

0 votes
236 views 1 comments
by
I have a RUT230 modem currently and having issues recently with unknown traffic. The SIM card I have installed has suddenly been uploading around 1GB a day and is causing me issues.

Is there a way to work out where the traffic is coming from/to? I was going to run something like wire shark however not sure if that would be possible as it would on check the traffic between my laptop and the RUT.

The modem talks to a device which monitors instruments on the field. I am not sure if it would be best to block all traffic bar the IP address of my phone for example or maybe set up some sort of VPN into the network? I’m just not sure.

Any advice would be appreciated.

Zap

1 Answer

0 votes
by

Hello,

It won't hurt to look at the Connections tab, you'll have the source/dest/ports and volumes exchanged. Or you can run tcpdump on the TUT230 but the filtering may not be easy. You can try something like:

tcpdump -i any -n -v 'not host ip_of_laptop'

or if you have a linux box around you can try:

ssh rut230 tcpdump -i any -n -U -s0 -w - 'not host ip_of_laptop' | sudo wireshark -k -i -

Regards,

by

Hello,

Thank you for contacting.

You can monitor traffic in the webui itself in Status>Mobile Traffic. 

But for the deep inspection you need to enable tcp dump in the system>Administration>Troubleshoot>TCP Dump.

After enabling , you can see downloading the tcp dump file there. And you can see where the data is being consumed. 

Thank you.

Regards,

Ahmed