Wednesday, 9 September 2009

Monitor network traffic using iptraf

Today I found a nifty little tool to monitor and measure IP network activity called IPTraf - an ncurses text based interactive tool written by Gerard Paul Java.

To install on a Ubuntu system, use:

sudo apt-get install iptraf

and to run, use:

sudo iptraf

It has several modes of monitoring, from IP traffic view, interface statistics, detailed interface statistics, statistical breakdowns (by packet size and by TCP/UDP port) to name but a few:

The IP traffic view displays TCP connections and a scrolling IGMP/UDP activity window; it's kind of useful but with a busy machine it can be rather too hectic with so much information being updated.

The "Detailed interface statistics" option dumps running totals on IP, TCP, UDP, ICMP, other IP and non-IP traffic, giving total rates and input/output rates on a selected network interface:

The "Statistical breakdowns..." option allows one to look at interface activity in terms of break down by packet size or by TCP/UDP port. Below is the TCP/UDP port breakdown:

There are a bunch of other options to set up filtering an a large set of tweakable configuration options one can play with. It's one of those tools that's handy to quickly see what's going on one's network interfaces and I recommend installing it and playing around with it to see it's full potential.

No comments:

Post a Comment