Linux uses iftop to monitor network card traffic in real time

Linux uses iftop to monitor the traffic of the network card in real time. The specific content is as follows:

iftop can be used to monitor the real-time traffic of the network card (you can specify the network segment), reverse resolve IP, display port information, etc.

In Linux/Unix-like systems, you can use top to view information such as system resources, processes, and memory usage. You can use tools such as netstat and nmap to check the network status. If you want to view real-time network traffic, monitor TCP/IP connections, etc., you can use iftop.

Install iftop

If you use compilation and installation, you can download the latest source package from iftop official website. Before installation, you need to have installed the basic compilation environment, such as make, gcc, autoconf, etc. Installing iftop also requires installing libpcap and libcurses.

Install the required dependency packages on CentOS:

yum install -y gcc flex byacc libpcap ncurses ncurses-devel libpcap-devel tcpdump

Appendix: Dependency packages required for installation on Debian:

apt-get install flex byacc libpcap0.8 libncurses5

Download the source code and compile and install

cd /usr/local/src
wget http://www.ex-parrot.com/pdw/iftop/download/iftop-0.17.tar.gz
tar xvf iftop-0.17.tar.gz
cd iftop-0.17
./configure --prefix=/usr/local/iftop
make
make install
chmod 700 /usr/local/sbin/iftop #Modify IFTOP permissions

How to use

/usr/local/iftop/sbin/iftop
/usr/local/iftop/sbin/iftop -i eth0 -n to see the traffic status of eth0 network card

Appendix: Debian system operation: apt-get install iftop

If you did not customize the path when installing iftop, you can view traffic statistics by running iftop directly, for example: iftop or iftop -i eth0 -n

Related parameters and descriptions

1. Iftop interface related instructions

The interface displays a scale range similar to a ruler, which is used as a ruler to display the long bar of the flow graph. The two left and right arrows <= => in the middle indicate the direction of traffic.

TX: Send traffic

RX: Receive traffic

TOTAL: Total traffic

Cumm: total traffic from iftop up to now

peak: traffic peak

Rates: represents the average flow rate in the past 2s, 10s, and 40s.

2. iftop related parameters

Commonly used parameters

-i sets the monitored network card, such as: # iftop -i eth1

-B displays traffic in bytes (bits by default), such as: # iftop -B

-n makes the host information display the IP directly by default, such as: # iftop -n

-N makes the port information display the port number by default, such as: # iftop -N

-F displays the inbound and outbound traffic of a specific network segment, such as # iftop -F 10.10.1.0/24 or # iftop -F 10.10.1.0/255.255.255.0

-h (display this message), help, display parameter information

-p After using this parameter, the local host information displayed in the middle list will include IP information other than the local host.

-b makes the traffic graph bar displayed by default;

-f is not very useful yet, it is used to filter calculation packages;

-P makes both host information and port information displayed by default;

-m sets the maximum value of the scale at the top of the interface. The scale is divided into five large segments. For example: # iftop -m 100M

Some operation commands after entering the iftop screen (pay attention to uppercase and lowercase)

Press h to toggle whether to display help;

Press n to switch to display the local IP or host name;

Press s to switch whether to display the host information of this machine;

Press d to switch whether to display the host information of the remote target host;

Press t to switch the display format to 2 lines/1 line/only show the sent traffic/only show the received traffic;

Press N to switch to display port number or port service name;

Press S to switch whether to display the port information of this machine;

Press D to switch whether to display the port information of the remote target host;

Press p to switch whether to display port information;

Press P to toggle pause/resume display;

Press b to toggle whether to display the average flow graph bar;

Press B to switch to calculate the average flow rate within 2 seconds, 10 seconds or 40 seconds;

Press T to toggle whether to display the total traffic of each connection;

Press l to open the screen filter function, enter the characters to be filtered, such as ip, and press enter, the screen will only display the traffic information related to this IP;

Press L to switch the scale on the upper side of the display; the flow graph bar will change with different scales;

Press j or k to scroll up or down the connection records displayed on the screen;

Press 1 or 2 or 3 to sort the traffic data according to the three columns displayed on the right;

Press < to sort by local machine name or IP on the left;

Press > to sort by the host name or IP address of the remote target host;

Press o to switch whether to display only the current connection;

Press f to edit the filter code. This is the translated statement. I haven't used this yet!

Press ! to use the Shell command, which I have never used! I don't understand what command is useful here!

Press q to exit monitoring.

FAQ 1

make: yacc: Command not found
make: *** [grammar.c] Error 127

Solution:

apt-get install byacc / yum install byacc

FAQ 2

configure: error: Curses! Foiled again!
(Can't find a curses library supporting mvchgat.)
Consider installing ncurses.

Solution:

apt-get install libncurses5-dev / yum install ncurses-devel

FAQ 3

configure: error: can't find pcap.h
You're not going to get very far without libpcap.
(Can't find a curses library supporting mvchgat.)

Solution:

apt-get install libpcap-devel / yum install libpcap-devel

Supplement: Let's look at another method, Linux real-time network card traffic monitoring

yum install –y sysstat

sar -n DEV 1

watch -n 1 "ifconfig enp0s8"


In summary, the above is what I introduced to you about using iftop in Linux to monitor the traffic of the network card in real time. I hope it will be helpful to you. If you have any questions, please leave me a message and I will reply to you in time. I would also like to thank everyone for their support of the 123WORDPRESS.COM website! If you find this article helpful, please feel free to reprint it and please indicate the source. Thank you!