If you are a network administrator you probably come across a situation your bandwidth is chocked, but you don't know who is downloading more in the network.
iftop is a handy tool to help you in such a situation.
iftop is a Linux command which can run in Linux based routers.
iftop does for network usage what top(1) does for CPU usage. It listens to network traffic on a named interface and displays a table of current bandwidth usage by pairs of hosts.
Options in iftop command:
-h Print a summary of usage.
-n Don't do hostname lookups.
-N Do not resolve port number to service names
-p Run in promiscuous mode, so that traffic which does not pass directly through the specified interface is also counted.
-P Turn on port display.
-l Display and count datagrams addressed to or from link-local IPv6 addresses. The default is not to display that address category.
-b Don't display bar graphs of traffic.
-m limit
Set the upper limit for the bandwidth scale. Specified as a number with a 'K', 'M' or 'G' suffix.
-B Display bandwidth rates in bytes/sec rather than bits/sec.
-i interface
Listen to packets on interface.
-f filter code
Use filter code to select the packets to count. Only IP packets are ever counted, so the specified code is evaluated as (filter
code) and ip.
-F net/mask
Specifies an IPv4 network for traffic analysis. If specified, iftop will only include packets flowing in to or out of the given
network, and packet direction is determined relative to the network boundary, rather than to the interface. You may specify mask
as a dotted quad, such as /255.255.255.0, or as a single number specifying the number of bits set in the netmask, such as /24.
-G net6/mask6
Specifies an IPv6 network for traffic analysis. The value of mask6 can be given as a prefix length or as a numerical address
string for more compound bitmasking.
-c config file
Specifies an alternate config file. If not specified, iftop will use ~/.iftoprc if it exists. See below for a description of
config files
-t text output mode
Use text interface without ncurses and print the output to STDOUT.
Update:
if you want to find out the historic data of bandwidth usage: please see this post : http://www.techeia.com/2017/04/find-who-is-using-bandwidth-nfdump.html
-n Don't do hostname lookups.
-N Do not resolve port number to service names
-p Run in promiscuous mode, so that traffic which does not pass directly through the specified interface is also counted.
-P Turn on port display.
-l Display and count datagrams addressed to or from link-local IPv6 addresses. The default is not to display that address category.
-b Don't display bar graphs of traffic.
-m limit
Set the upper limit for the bandwidth scale. Specified as a number with a 'K', 'M' or 'G' suffix.
-B Display bandwidth rates in bytes/sec rather than bits/sec.
-i interface
Listen to packets on interface.
-f filter code
Use filter code to select the packets to count. Only IP packets are ever counted, so the specified code is evaluated as (filter
code) and ip.
-F net/mask
Specifies an IPv4 network for traffic analysis. If specified, iftop will only include packets flowing in to or out of the given
network, and packet direction is determined relative to the network boundary, rather than to the interface. You may specify mask
as a dotted quad, such as /255.255.255.0, or as a single number specifying the number of bits set in the netmask, such as /24.
-G net6/mask6
Specifies an IPv6 network for traffic analysis. The value of mask6 can be given as a prefix length or as a numerical address
string for more compound bitmasking.
-c config file
Specifies an alternate config file. If not specified, iftop will use ~/.iftoprc if it exists. See below for a description of
config files
-t text output mode
Use text interface without ncurses and print the output to STDOUT.
Update:
if you want to find out the historic data of bandwidth usage: please see this post : http://www.techeia.com/2017/04/find-who-is-using-bandwidth-nfdump.html
No comments:
Post a Comment
Dear visitor,
Please do not post spam. All comments will be moderated before approval.