Statistics on LAN traffic in Linux
1: Count the Intranet traffic of 10.86.0.0/16
Save the following script as traffic-lan.sh (after you start it, it captures packets for 10 seconds).
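    #!/bin/sh
    # Capture outbound packets (LAN source, non-LAN destination) in the background.
    tcpdump -nqt 'src net 10.86.0.0/16 and dst net ! 10.86.0.0/16' \
    > /tmp/tcpdump_temp 2>&1 &
    pid=$!   # stop only this capture, not every tcpdump running on the host
    sleep 10
    kill "$pid"
    wait "$pid" 2>/dev/null   # let tcpdump flush its output before reading it
    #awk '{s[$2] += $6}END{ for(i in s){ print i, s[i] } }' /tmp/tcpdump_temp
    # Sum field 14 (the TCP length) per source IP (fields 2-5), largest first.
    grep 'IP ' /tmp/tcpdump_temp \
    |awk -F'[. ]' '{s[$2"."$3"."$4"."$5]+=$14}END{for(i in s){print i"\t"s[i]}}' \
    |sort -n -r -k 2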
2: Count the traffic to each Internet IP address
Save the following script as traffic-wan.sh (after you start it, it captures packets for 10 seconds).
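    #!/bin/sh
    # Capture outbound packets (LAN source, non-LAN destination) in the background.
    tcpdump -nqt 'src net 10.86.0.0/16 and dst net ! 10.86.0.0/16' \
    > /tmp/tcpdump_temp 2>&1 &
    pid=$!   # stop only this capture, not every tcpdump running on the host
    sleep 10
    kill "$pid"
    wait "$pid" 2>/dev/null   # let tcpdump flush its output before reading it
    #awk '{s[$2] += $6}END{ for(i in s){ print i, s[i] } }' /tmp/tcpdump_temp
    # Sum field 14 (the TCP length) per destination IP (fields 8-11), largest first.
    grep 'IP ' /tmp/tcpdump_temp \
    |awk -F'[. ]' '{s[$8"."$9"."$10"."$11]+=$14}END{for(i in s){if(s[i]>0)print i"\t"s[i]}}' \
    |sort -n -r -k 2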
3: An improved version that also counts UDP.
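    #!/bin/sh
    tcpdump -i ens3 -nqt 'src net 10.86.0.0/16 and dst net ! 10.86.0.0/16' \
    > /tmp/tcpdump_temp &
    pid=$!   # stop only this capture, not every tcpdump running on the host
    sleep 5
    kill "$pid"
    wait "$pid" 2>/dev/null   # let tcpdump flush its output before reading it
    # Strip ".port >", ".port:" and ", length" so that TCP and UDP lines
    # both read "IP src dst proto bytes", then sum bytes per destination.
    sed 's/\.[0-9]\+\s>//g' /tmp/tcpdump_temp \
    |sed 's/\.[0-9]\+://g' \
    |sed 's/, length//g' \
    |awk '{s[$3]+=$5}END{for(i in s){if(s[i]>0)print i"\t"s[i]}}' \
    |sort -n -r -k 2
    echo "finish."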
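The per-address accounting of scripts 1 to 3 in one parser, as an added example that is not part of the original page. It goes slightly beyond the scripts: it takes the last field as the byte count, so TCP, UDP and ICMP lines are handled by one rule, and it strips a port only when one is present. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: sum bytes per IPv4 address from `tcpdump -nqt` text on stdin.
# usage: sum_by_ip src|dst   (function names are illustrative, not from the page)
sum_by_ip() {
    awk -v side="$1" '
    # Drop the trailing ":" and, when present, the ".port" suffix.
    function addr(s,    parts, n) {
        sub(/:$/, "", s)
        n = split(s, parts, "[.]")
        if (n == 5) sub(/[.][0-9]+$/, "", s)   # 4 octets + port; ICMP has no port
        return s
    }
    # IPv4 packet lines only ("IP6" and tcpdump status lines are skipped).
    # The byte count is always the last field: "tcp 1448" or "UDP, length 45".
    $1 == "IP" && $3 == ">" && $NF ~ /^[0-9]+$/ {
        ip = (side == "src") ? addr($2) : addr($4)
        bytes[ip] += $NF
    }
    END {
        for (ip in bytes)
            if (bytes[ip] > 0) printf "%s\t%d\n", ip, bytes[ip]
    }' | sort -t "$(printf '\t')" -k2,2nr -k1,1
}

# Constructed sample of `tcpdump -nqt` output (not captured traffic).
sample_capture() {
    cat <<'EOF'
listening on ens3, link-type EN10MB (Ethernet), snapshot length 262144 bytes
IP 10.86.1.20.51514 > 203.0.113.7.443: tcp 1448
IP 10.86.1.20.51514 > 203.0.113.7.443: tcp 0
IP 10.86.1.21.40000 > 198.51.100.9.53: UDP, length 45
IP 10.86.1.20.51514 > 203.0.113.7.443: tcp 552
IP 10.86.1.21.40001 > 198.51.100.9.53: UDP, length 55
IP 10.86.1.22 > 192.0.2.1: ICMP echo request, id 1, seq 1, length 64
6 packets captured
EOF
}

sample_capture | sum_by_ip dst
```

To run it on a real capture, feed it the file written by the scripts above, for example `sum_by_ip dst < /tmp/tcpdump_temp`.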
4: Later I found that iftop can complete similar functions.
iftop -o destination -t -s 1 -L 10
5: Find the heaviest outgoing traffic
iftop -nNP -o destination -t -s 3 -L 1