iftop 설치, 실시간 트래픽 확인하기


실시간 트래픽을 보고 싶을때가 있는데, 여러가지 툴들이 있겠지만 iftop 을 설치하면 좀 더 간단하게 볼 수 있다.



# centos
yum install iftop  
# ubuntu
apt-get install iftop  


$ iftop

좌측에는 서버 IP 우측에는 클라이언트 IP 를 보여준다. 우측에 3컬럼은 각각 2초, 4초, 10초 동안의 평균 전송량을 보여준다.

그리고 하단에 나와있는 정보는 다음과 같은 의미를 가진다.


$ iftop --help 
Synopsis: iftop -h | [-npblNBP] [-i interface] [-f filter code]  
                               [-F net/mask] [-G net6/mask6]

   -h                  display this message
   -n                  don't do hostname lookups
   -N                  don't convert port numbers to services
   -p                  run in promiscuous mode (show traffic between other
                       hosts on the same network segment)
   -b                  don't display a bar graph of traffic
   -B                  Display bandwidth in bytes
   -i interface        listen on named interface
   -f filter code      use filter code to select packets to count
                       (default: none, but only IP packets are counted)
   -F net/mask         show traffic flows in/out of IPv4 network
   -G net6/mask6       show traffic flows in/out of IPv6 network
   -l                  display and count link-local IPv6 traffic (default: off)
   -P                  show ports as well as hosts
   -m limit            sets the upper limit for the bandwidth scale
   -c config file      specifies an alternative configuration file

-f 옵션 사용 ip 필터링해서보기

iftop -f 'ip dst'  
iftop -i eth0  -f  “dst host Linux.com”  
iftop  -i  eth1   -f    “dst port 22″  

인터랙티브 모드 단축키

f - filtering  
t - rx only | tx only | both  
p - port display  
P - pause  
j/k - scroll up/down  
b - bar graph on/off  
L - lin/log scales  
T - cumulative totals  
n - name resolution  
h - help for more keys and info  


# .iftoprc
# config file for iftop
dns-resolution: no  
port-resolution: no  
show-bars: yes  
promiscuous: yes  
port-display: on  
hide-source: no  
hide-destination: no  
use-bytes: yes  
line-display: one-line-both  
show-totals: yes  
log-scale: yes  

