Must-see | A must-have tool in Linux OPS that makes you 10 times times easier

A：“A办公区的网络不太好咦”

B: "Today, the C area is very fast."
　　
C: "Upload so fast, how can I download so slowly?" ”
　　
The above scenario, as the Linux ops just get started, these problems should be frequently encountered. What is the way to get to know the situation quickly and easily?
　　
The above situation may be related to system resources, network status, network traffic, or it may be related to one of them.
　　
　　 in the Linux system
　　
Top You can view information such as system resources, processes, memory usage, and so on.
　　
Netstat, nmap can view network status.
　　
The iftop can be used to view real-time network traffic, monitor TCP/IP connectivity, and more.
　　
Today, I will introduce you to a tool that is often used in Linux systems--iftop
　　
　　 Iftop Tools Introduction
　　
Iftop is a network monitoring tool that provides real-time bandwidth monitoring.
　　
You can measure the total amount of data coming in and out of each socket connection, capturing packets received or sent over a network adapter, and then adding that data to the bandwidth used.
　　
Iftop can also be used to monitor the real-time traffic of network cards (can specify network segments), reverse IP resolution, display port information, etc.
　　
　 Download the source package
　　
We use the compilation installs the Iftop, first need to download the source package from the Iftop official website.
　　
The small day has been prepared for you the latest source package
　　
as follows: http://www.ex-parrot.com/~pdw/iftop/

　　
Install the necessary environment for the basic compilation, such as Make, GCC, autoconf, etc.
　　
You will also need to install Libpcap and libcurses.
　　
Yum Install Flex BYACC libpcap ncurses ncurses-devel libpcap-devel-y
　　
　　 unzip, compile and install
　　
Tar zxvf iftop-1.0pre4.tar.gz
　　
CD Iftop-1.0pre4
　　
./configure--prefix=/usr/local/iftop
　　
Make && make install
　　
If an error (missing pcap.sh, you also need to install libpcap-devel-1.5.3-11.el7.x86_64.rpm):

　　
　　 Click the link
　　
Https://pan.baidu.com/s/1b6WbVSyN-j4QVpycNrKJ4Q Password: cek9
　　
(Download the installation package) or click "Read Original" in the end of the article to enter the download page
　　
　　 then go back to the steps above:
　　
RPM–IVH--nodeps libpcap-devel-1.5.3-11.el7.x86_64.rpm
　　
CD Iftop-1.0pre4
　　
./configure--prefix=/usr/local/iftop
　　
Make && make install
　　
　　 To Run the Iftop tool:
　　
/usr/local/iftop/sbin/iftop
　　
　 effects such as:

　　
　　 Parameters and Description
　　
　　 1, Iftop interface related instructions
　　
The interface above shows a scale range similar to that of the scale, which is used as a ruler for the bar showing the flow graph.
　　
The <= in the middle and the two left and right arrows indicate the direction of the flow.
　　
TX: Send Traffic
　　
RX: Receive Traffic
　　
Total: Overall flow
　　
Cumm: Total traffic running iftop to current time
　　
Peak: Traffic Peaks
　　
Rates: Represents the average traffic for the past 2s 10s 40s, respectively
　　
　　 2, iftop related parameters
　　
Common parameters
　　
-I set the monitoring network card, such as: # Iftop-i eth1
　　
-B displays traffic in bytes (default is bits), such as: # Iftop-b
　　
-N Causes the host information to display IP directly by default, such as: # Iftop-n
　　
-N causes port information to be displayed by default directly, such as: # Iftop-n
　　
-F shows incoming and outgoing traffic for a specific segment, such as # iftop-f 10.10.1.0/24 or # iftop-f 10.10.1.0/255.255.255.0
　　
-H (Display this message), Help, display parameter information
　　
-p after using this parameter, the middle list shows the local host information, and the IP information outside of this machine appears;
　　
-B to display the flow graph bar by default;
　　
-P enables host information and port information to be displayed by default;
　　
-M sets the maximum value of the top-most scale of the interface, with a scale of five large segments, for example: # iftop-m 100M
　　
Some operation commands after entering the Iftop screen (note case)
　　
Press H to toggle whether help is displayed;
　　
Press N to toggle the display of the IP or host name of the machine;
　　
Press S to toggle whether the host information of the machine is displayed;
　　
Press D to toggle whether the host information of the remote target hosts is displayed;
　　
Press T to toggle the display format to 2 lines/1 lines/Only send traffic/show receive traffic only;
　　
Press N to toggle display port number or port service name;
　　
Press S to toggle whether to display the port information of the machine;
　　
Press D to toggle whether the port information of the remote target host is displayed;
　　
Press p to toggle whether the port information is displayed;
　　
Press p to toggle pause/resume display;
　　
Press B to toggle whether the average flow graph bar is displayed;
　　
The average flow in 2 seconds or 10 seconds or 40 seconds is calculated by B switch;
　　
Press T to toggle whether the total traffic for each connection is displayed;
　　
Press L to turn on the screen filtering function, enter the characters to filter, such as IP, press ENTER, the screen will only show this IP-related traffic information;
　　
Press L to toggle the scale on the top of the display screen, and the flow graph bar will change depending on the scale;
　　
Press J or press K to scroll up or down the screen to display the connection record;
　　
Press 1 or 2 or 3 to sort by the three-column traffic data displayed on the right;
　　
Sort by < According to the native name or IP on the left;
　　
Sort by > According to the host name or IP of the remote target host;
　　
Press O to toggle whether the current connection is fixed only;
　　
Press F to edit the filter code, this is translated by the saying, I have not used this!
　　
You can use the shell command, this is useless! I don't know what the order is.
　　
　 Press Q to exit the monitor.
　　
In Linux operations, there are many such tools and methods to use, want to quickly learn these? Have many years of experience in the teacher, take you to learn Linux operations, let you less detours.

文章来源：Linux培训（http://www.runtimewh.com/xwzx/hydt/2018/0903/3139.html）

Must-see | A must-have tool in Linux OPS that makes you 10 times times easier