Iftop

iftop
Developer(s) Paul Warren
Initial release March 2, 2002; 22 years ago (2002-03-02) [1]
Stable release
0.17
Repository https://code.blinkace.com/pdw/iftop
Written in C
Operating system Unix-like
Type Bandwidth usage / System monitor
License GNU General Public License
Website www.ex-parrot.com/pdw/iftop/

Iftop is a free software command-line system monitor tool developed by Paul Warren. It displays, in real time, the incoming and outgoing network communications of the operating system it is running on. [2] By default, the connections are ordered by bandwidth usage, with only the largest ("top") bandwidth consumers shown. It is analogous to top, but instead of system-wide resource monitoring, it focuses on displaying just network usage. Iftop is typically used for monitoring bandwidth consumption and for investigating unknown consumers of available network bandwidth.

Description

iftop is a passive monitoring tool. It monitors network traffic and displays a table of current bandwidth usage. Bandwidth is measured in bits per second by default, and may be changed to bytes per second with a command-line option [3].

An interface may be specified; if not, iftop will listen on the first interface it finds that appears to be external.

By default, iftop will look up hostnames associated with addresses and count all IP packets that pass through the filter.

iftop can suppress the display of DNS traffic by using filter code such as "not port domain", or hostname lookup can be switched off entirely by using the -n option or by pressing "n" when the program is running. Using the -F option makes it possible to show packets entering and leaving a given network.

iftop may also be used for inspecting TCP or UDP ports, using the -P option [3].
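An added illustration, not iftop's own code: a small Python model of the table described above. It totals constructed packet records per host pair, optionally applies the equivalent of the "not port domain" filter, and ranks the pairs by average rate in bits or bytes per second, per host or per port. The function names, the sample packets and the single averaging window are assumptions made for this example.

```python
from collections import defaultdict

# Constructed sample records: (time_s, src, dst, src_port, dst_port, ip_bytes)
PACKETS = [
    (0.0, "192.0.2.10", "198.51.100.7", 51000, 443, 1500),
    (0.5, "198.51.100.7", "192.0.2.10", 443, 51000, 1500),
    (1.0, "192.0.2.10", "203.0.113.53", 40000, 53, 80),
    (1.1, "203.0.113.53", "192.0.2.10", 53, 40000, 200),
    (2.0, "192.0.2.20", "198.51.100.9", 52000, 22, 400),
    (3.0, "198.51.100.7", "192.0.2.10", 443, 51000, 1500),
    (3.5, "192.0.2.20", "198.51.100.9", 52000, 22, 600),
]

def not_port_domain(pkt):
    """Model of the filter "not port domain": drop traffic to or from port 53."""
    _, _, _, sport, dport, _ = pkt
    return 53 not in (sport, dport)

def top_talkers(packets, window_s, keep=None, by_port=False,
                in_bytes=False, limit=10):
    """Rank conversations by average rate over window_s seconds, largest first."""
    totals = defaultdict(int)
    for pkt in packets:
        if keep is not None and not keep(pkt):
            continue
        _, src, dst, sport, dport, length = pkt
        a = (src, sport) if by_port else (src,)
        b = (dst, dport) if by_port else (dst,)
        # Both directions of a conversation are counted in the same row.
        totals[tuple(sorted((a, b)))] += length
    scale = 1 if in_bytes else 8  # bits per second unless bytes are requested
    rows = [(key, total * scale / window_s) for key, total in totals.items()]
    rows.sort(key=lambda row: row[1], reverse=True)
    return rows[:limit]

def render(rows, unit="b/s"):
    """Format ranked rows as one text line per conversation."""
    lines = []
    for (a, b), rate in rows:
        left = ":".join(str(x) for x in a)
        right = ":".join(str(x) for x in b)
        lines.append(f"{left:<22} <=> {right:<22} {rate:>10.0f} {unit}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(render(top_talkers(PACKETS, 4.0, keep=not_port_domain)))
```
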

Related Research Articles

In computing, traceroute and tracert are computer network diagnostic commands for displaying possible routes (paths) and measuring transit delays of packets across an Internet Protocol (IP) network. The history of the route is recorded as the round-trip times of the packets received from each successive host in the route (path); the sum of the mean times in each hop is a measure of the total time spent to establish the connection. Traceroute proceeds unless all sent packets are lost more than twice; then the connection is lost and the route cannot be evaluated. Ping, on the other hand, only computes the final round-trip times from the destination point.

tcpdump Data-network packet analyzer

tcpdump is a data-network packet analyzer computer program that runs under a command line interface. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distributed under the BSD license, tcpdump is free software.

Unix security refers to the means of securing a Unix or Unix-like operating system. A secure environment is achieved not only by the design concepts of these operating systems, but also through vigilant user and administrative practices.

Network utilities are software utilities designed to analyze and configure various aspects of computer networks. The majority of them originated on Unix systems, but several later ports to other operating systems exist.

CUPS Computer printing system

CUPS is a modular printing system for Unix-like computer operating systems which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer.

top (software) Task manager program found in many Unix-like operating systems

top is a task manager or system monitor program, found in many Unix-like operating systems, that displays information about CPU and memory utilization.

tail is a program available on Unix, Unix-like systems, FreeDOS and MSX-DOS used to display the tail end of a text file or piped data.

In the field of computer network administration, pcap is an application programming interface (API) for capturing network traffic. While the name is an abbreviation of packet capture, that is not the API's proper name. Unix-like systems implement pcap in the libpcap library; for Windows, there is a port of libpcap named WinPcap that is no longer supported or developed, and a port named Npcap for Windows 7 and later that is still supported.

Argus – Audit Record Generation and Utilization System

Argus – the Audit Record Generation and Utilization System is the first implementation of network flow monitoring, and is an ongoing open source network flow monitor project. Started by Carter Bullard in 1984 at Georgia Tech, and developed for cyber security at Carnegie Mellon University in the early 1990s, Argus has been an important contributor to Internet cyber security technology over its 30 years.

In computer networks, network traffic measurement is the process of measuring the amount and type of traffic on a particular network. This is especially important with regard to effective bandwidth management.

Wireshark Network traffic analyzer

Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues.

The Berkeley Packet Filter is a network tap and packet filter which permits computer network packets to be captured and filtered at the operating system level. It provides a raw interface to data link layers, permitting raw link-layer packets to be sent and received, and allows a userspace process to supply a filter program that specifies which packets it wants to receive. For example, a tcpdump process may want to receive only packets that initiate a TCP connection. BPF returns only packets that pass the filter that the process supplies. This avoids copying unwanted packets from the operating system kernel to the process, greatly improving performance. The filter program is in the form of instructions for a virtual machine, which are interpreted, or compiled into machine code by a just-in-time (JIT) mechanism and executed, in the kernel.

Solaris network virtualization and resource control is a set of features originally developed by Sun Microsystems as the OpenSolaris Crossbow umbrella project, providing an internal network virtualization and quality of service framework within the Solaris Operating System.

NetLimiter

NetLimiter is client-side traffic shaping, monitoring and firewall software for the Windows operating system. Unlike most traffic-shaping utilities, which are based on centrally managed hardware, NetLimiter is a software-only solution. This has the advantage of being less expensive to deploy, but it can be more difficult to manage across more than one computer.

The program ttcp is a utility for measuring network throughput, popular on Unix systems. It measures the network throughput between two systems using the TCP or optionally UDP protocols. It was written by Mike Muuss and Terry Slattery at BRL sometime before December 1984, to compare the performance of TCP stacks by the Computer Systems Research Group (CSRG) of the University of California, Berkeley and Bolt, Beranek and Newman (BBN) to help DARPA decide which version to place in 4.3BSD.

BWPing is a tool to measure bandwidth and response times between two hosts using Internet Control Message Protocol (ICMP) echo request/echo reply mechanism. It does not require any special software on the remote host. The only requirement is the ability to respond on ICMP echo request messages. BWPing supports both IPv4 and IPv6 networks.

EtherApe Network traffic monitoring tool

EtherApe is a packet sniffer/network traffic monitoring tool, developed for Unix. EtherApe is free, open source software developed under the GNU General Public License.

ngrep Packet analyser

ngrep is a network packet analyzer written by Jordan Ritter. It has a command-line interface, and relies upon the pcap library and the GNU regex library.

Command-line interface Computer interface that uses text

A command-line interface (CLI) is a means of interacting with a computer program by inputting lines of text called command-lines. Command-line interfaces emerged in the mid-1960s, on computer terminals, as an interactive and more user-friendly alternative to the non-interactive interface available with punched cards.

bmon Bandwidth monitoring software

bmon is a free and open-source monitoring and debugging tool to monitor bandwidth and capture and display networking-related statistics. It features various output methods including an interactive curses user interface and programmable text output for scripting. bmon allows the user to see:

  1. Network bandwidth real-time visualization
  2. Total amount of transmitted data
  3. CRC errors
  4. Collisions
  5. ICMPv6 traffic packets

References

  1. "Change Log for Iftop". GitLab Community Edition. Retrieved February 26, 2024.
  2. Theocharides, Antonis; Antoniades, Demetres; Polychronakis, Michalis; Athanasopoulos, Elias; Markatos, Evangelos P. (November 9–14, 2008). Topnet: A Network-Aware. Proceedings of the 22nd Large Installation System Administration Conference. San Diego, CA: USENIX Association. pp. 145–157. Retrieved February 26, 2024.
  3. "A Linux Admin's Guide to Mastering the Iftop Network Bandwidth Monitor". The Linux Code. 2023-12-27. Archived from the original on 2023-12-27. Retrieved 2024-03-07.