iptraf
Table of Contents
iptraf
Oct 2019
Iptraf is an interactive and colorful IP Lan monitor. It shows individual connections and the amount of data flowing between the hosts.
Install iptraf on CentOS/RHEL/Red Hat/Fedora Linux
yum install iptraf -y
Using iptraf
From the command line, simply enter:
iptraf-ng
This will start the iptraf application.
iptraf-ng 1.1.4
┌─────────────────────────────────┐
│ IP traffic monitor │
│ General interface statistics │
│ Detailed interface statistics │
│ Statistical breakdowns... │
│ LAN station monitor │
│─────────────────────────────────│
│ Filters... │
│─────────────────────────────────│
│ Configure... │
│─────────────────────────────────│
│ About... │
│─────────────────────────────────│
│ Exit │
└─────────────────────────────────┘
Displays current IP traffic information
Up/Down-Move selector Enter-execute
Select IP traffic monitor, and you will see an interface list:
┌─────────────────────────────────┐
┌ Select Interface ────┐ │
│ All interfaces │statistics │
│ lo │ statistics │
│ eth0 │owns... │
│ eth1 │r │
│ eth3 │──────────────│
│ eth2 │ │
│ │──────────────│
│ │ │
│ │──────────────│
│ │ │
│ │──────────────│
│ │ │
└──────────────────────┘──────────────┘
Select the desired interface to start monitoring (or just select All interfaces):
iptraf-ng 1.1.4 ┌ TCP Connections (Source Host:Port) ────────────────────── Packets ────── Bytes ─ Flag Iface ─────┐ │┌10.43.30.13:22 > 2199 288584 -PA- eth0 │ │└10.14.2.54:5053 > 2120 106550 --A- eth0 │ │┌127.0.0.1:38974 > 10428 1336680 --A- lo │ │└127.0.0.1:6382 > 9480 417120 -PA- lo │ │┌127.0.0.1:34210 > 2 80 --A- lo │ │└127.0.0.1:6380 = 0 0 ---- lo │ │┌127.0.0.1:6380 = 0 0 ---- lo │ │└127.0.0.1:34212 > 1 40 --A- lo │ │┌127.0.0.1:63244 > 276 16572 --A- lo │ │└127.0.0.1:6380 > 158 27946 -PA- lo │ │┌10.43.30.13:58778 > 208 32364 -PA- eth0 │ │└10.43.30.11:5672 > 208 9574 --A- eth0 │ │┌127.0.0.1:42348 > 384 19200 --A- lo │ │└127.0.0.1:705 > 192 13056 -PA- lo │ │┌10.43.30.13:58772 > 42 3694 -PA- eth0 │ └ TCP: 114 entries ───────────────────────────────────────────────────────────────────── Active ─┘ ┌───────────────────────────────────────────────────────────────────────────────────────────────────┐ │ UDP (1344 bytes) from 12.43.30.13:10444 to 239.0.11.11:6009 on eth3 │ │ UDP (1344 bytes) from 12.43.30.13:10444 to 239.0.11.11:6003 on eth3 │ │ UDP (1344 bytes) from 12.43.30.13:10444 to 239.0.11.11:6008 on eth3 │ │ UDP (1344 bytes) from 12.43.30.13:10444 to 239.0.11.11:6009 on eth3 │ │ UDP (216 bytes) from 12.43.30.13:10444 to 239.0.11.11:6001 on eth3 │ │ UDP (1344 bytes) from 12.43.30.13:10444 to 239.0.11.11:6008 on eth3 │ │ UDP (1344 bytes) from 12.43.30.13:10444 to 239.0.11.11:6003 on eth3 │ └ Bottom ────── Elapsed time: 0:01 ───────────────────────────────────────────────────────────────┘ Packets captured: 356591 │ TCP flow rate: 23.69 kbps Up/Dn/PgUp/PgDn-scroll M-more TCP info W-chg actv win S-sort TCP X-exit
While this gives a lot of information, it is more a 'Wireshark' style output.
General Interface Statistics is a good one for monitoring bandwidth.
iptraf-ng 1.1.4 ┌ Iface ───────────── Total ─────── IPv4 ────── IPv6 ────── NonIP ── BadIP ──────── Activity ───────┐ │ lo 17660 17660 0 0 0 300.90 kbps │ │ eth0 3102 3102 0 0 0 36.31 kbps │ │ eth1 0 0 0 0 0 0.00 kbps │ │ eth3 208374 208374 0 0 0 36554.82 kbps │ │ eth2 11 11 0 0 0 0.50 kbps │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ └ Elapsed time: 0:01 ───────────────── Total, IP, NonIP, and BadIP are packet counts ─────────────┘ Up/Down/PgUp/PgDn-scroll window X-exit
iptraf.txt · Last modified: 2023/03/09 22:35 by 127.0.0.1