Iftop Network card traffic monitoring software

Install dependent packages

Yum Install Flex BYACC libpcap ncurses ncurses-devel libpcap-devel

Download Iftop

wget http://www.ex-parrot.com/%7Epdw/iftop/download/iftop-0.17.tar.gz

Installation

./configure--prefix=/usr/local/iftop

Make;make Install

Start

/usr/local/iftop/sbin/iftop

650) this.width=650; "title=" iftop.jpg "src=" http://s3.51cto.com/wyfs02/M01/73/09/ Wkiol1xykpqsky7haavg0mpt18a250.jpg "alt=" Wkiol1xykpqsky7haavg0mpt18a250.jpg "/>

The interface above shows a scale range similar to that of the scale, which is used as a ruler for the bar showing the flow graph.

middle of <= = The two left and right arrows, indicating the direction of the traffic, 2 rows, the flow in and out is calculated separately, the line is added together in the calculation, the single display in or out is a separate incoming or out of the flow.

three column values on the right :

The first column is the average flow of 2s or 10s or 40s before this refresh (set the number of seconds by B);

The second column is: Half of the total traffic for 10 seconds before this refresh;

The third column is: 1/5 of the total traffic for 40 seconds before this refresh;

In the middle of the list , the default is not sorted, the 10-second average traffic in the top row.

The bottom three line of the interface shows the amount of traffic that is sent, received, and aggregated, the right values are total traffic (filtered, no filtering is all), peak traffic within 40 seconds prior to this refresh, average transfer rate for the last 2 seconds, average transfer rate for the last 10 seconds, Average transfer rate for the last 40 seconds.

Common parameters:

#/usr/local/iftop/sbin/iftop Help//View assistance commands

-I set the monitoring network card, such as: # Iftop-i eth1

-B displays traffic in bytes (default is bits), such as: # Iftop-b

-N Causes the host information to display IP directly by default, such as: # Iftop-n

-N causes port information to be displayed by default directly, such as: # Iftop-n

-F shows incoming and outgoing traffic for a specific segment, such as # iftop-f 192.168.9.0/24 or # iftop-f 192.168.9.0/255.255.255.0

-H (Display this message) don't understand what it means ... Hehe

-p after using this parameter, the middle list shows the local host information, and the IP information outside of this machine appears;

-B to display the flow graph bar by default;

-F This is not very likely to use, filter the calculation of the packet;

-P enables host information and port information to be displayed by default;

-M sets the maximum value of the top-most scale of the interface, with a scale of five large segments, for example: # iftop-m 100M

-C Specify the specific settings file, temporarily useless;

Enter Iftop Some operation commands after the screen ( Note Case ) :

Press H to toggle whether help is displayed;

Press N to toggle the display of the IP or host name of the machine;

Press S to toggle whether the host information of the machine is displayed;

Press D to toggle whether the host information of the remote target hosts is displayed;

Press T to toggle the display format to 2 lines/1 lines/Only send traffic/show receive traffic only;

Press N to toggle display port number or port service name;

Press S to toggle whether to display the port information of the machine;

Press D to toggle whether the port information of the remote target host is displayed;

Press p to toggle whether the port information is displayed;

Press p to toggle pause/resume display;

Press B to toggle whether the average flow graph bar is displayed;

The average flow in 2 seconds or 10 seconds or 40 seconds is calculated by B switch;

Press T to toggle whether the total traffic for each connection is displayed;

Press L to turn on the screen filtering function, enter the characters to filter, such as IP, press ENTER, the screen will only show this IP-related traffic information;

Press L to toggle the scale on the top of the display screen, and the flow graph bar will change depending on the scale;

Press J or press K to scroll up or down the screen to display the connection record;

Press 1 or 2 or 3 to sort by the three-column traffic data displayed on the right;

Sort by < According to the native name or IP on the left;

Sort by > According to the host name or IP of the remote target host;

Press O to toggle whether the current connection is fixed only;

Press F to edit the filter code, this is translated by the saying, I have not used this!

You can use the shell command, this is useless! I don't know what the order is.

Press Q to exit the monitor.

This article is from the "Fluffy Duck" blog, please be sure to keep this source http://woshitieren.blog.51cto.com/2466034/1693868

Iftop Network card traffic monitoring software