Linux iftop - Listen Network Traffic and Bandwidth
Last Updated :
11 Feb, 2021
The iftop listens to network traffic on a specified network interface. The iftop is a perfect tool for remote Linux server over a ssh based session.iftop displays the bandwidth usage by a pair of hosts in the form of a table. To run this tool we must have superuser (root)permissions.
Installation:
Installation iftop on Debian based system like Ubuntu, Kali Linux:
To install the iftop tool on Debian based system run the following command in terminal
sudo apt-get install iftop
Installation iftop on Arch Linux:
To install iftop on Arch-based system run the following command in terminal
sudo pacman -S iftop
Install iftop on a CentOS/Fedora/RHEL/ Linux:
To install the iftop on OS like CentOS we can use the yum package manager. Run the following command :
sudo yum install iftop
Usage:
Now let's use the iftop. As we know we must provide the superuser permission to run this tool there for always use sudo while running this tool. Use the following command to run the iftop.
sudo iftop -i INTERFACE
In the above command replace the INTERFACE with your network interface. The Default network interface used specified in iftop is eth0. But to know your current interface run the following command
ifconfig
Then you will get your interface. In my case, I am using Wi-Fi therefore my network interface is wlo1 therefore for I used the following command.
Then the output will be like:
Let's discuss output.In above output we can see there are two arrows are used ( ==> ) and ( <<) . See one by one is mean by that arrows.
1) ==>: This arrow indicates that the data is sent from x host to y host like. We can also call is uploading data.
x ==> y
2) <<:
This arrow means the data is received from y host to x host like. We can call this process downloading data.
x << y
Then there is some bar which is the logarithmic scale for the bar graph which gives a visual indication of traffic. Then there are three columns are shown with the same data. This column shows the data usage in intervals of 2s, 5 s, and 40s. Then below the horizontal line, we can see the Tx(Transmit) and RX(Receive) data usage. And Total data used by the interface.
Options of iftop:
The iftop provide some option to use it more efficiently .let's see it one by one
-h option: This option is used as help. On running the iftop with the -h option it will show all option and information about the iftop.
sudo iftop -h
Output:
-i option: This option is used to specify the network interface like wlan0 or eth0.
sudo iftop -i wlan0
-m option: This option is used to set a limit to bandwidth to output in use the -m option like the following command.
sudo iftop -i INTERFACE -m LIMIT
Here in the place of INTERFACE use your network interface and in place of LIMIT type the output limit in Bits. For example, I have used the following command
sudo iftop -i wlo1 -m 100
I have set the limit of 100 bits .In output, we can see the maximum limit is 100bits.
-F option: This option is used to analyze the traffic on a specific IPv4 network. If this is specified then iftop will only include the packets flowing in to out of the given network.
sudo iftop -i INTERFACE -F net/mask
Example:
sudo iftop -i wlo1 -F 24
And there are many other options you can see and use by -h option with iftop.
Similar Reads
TCP flow Analyze and Debug Network Traffic in Linux TCPflow is a completely free and open-source tool used for the analysis of network traffic on Linux and Unix systems. The data which is transferred during the connection is stored in a file by TCPflow in a systematic format for later study. TCPflow is almost the same as its counterparts such as Wire
5 min read
What is Bandwidth and Protocol in Networking? Downloading is a phenomenon in which we receive data from the internet on your system. For example- music, video, audio, etc., and Bandwidth is measured as the amount of data that can be transferred from one point to another within a network in a specific amount of time. A protocol is a set of rules
6 min read
What is Network Traffic Analysis in Cybersecurity? Network traffic analysis (NTA) is a way of monitoring network availability and activity to identify anomalies, such as security and operational issues. Network Traffic Analysis in Cybersecurity means monitoring the data that goes through a computer network. It helps to detect and prevent bad things
6 min read
How to Install and Use vnstat Network Traffic Monitoring Tool in Linux? VnStat is a network utility that uses a command-line interface designed for Linux. Logs of the selected interface(s) of hourly, daily, and monthly network traffic are kept, although it is not a packet sniffer. The network interface statistics that are provided by the kernel as the information source
2 min read
Linux - Limit Network Bandwidth Using WonderShaper Tool So here in this article, we are going to see how to limit a network bandwidth in Linux using WonderShaper. It is a tool which is a small bash script that enables us to limit the network bandwidth in Linux. It works as the tc command-line program as the backend for configuring traffic control in syst
3 min read
Network Traffic Analysis for Intrusion Detection and Prevention Network traffic analysis is defined as a method of monitoring network activity to identify security and performance issues and other breaches. In this article, we will learn about the working, importance, and implementation of network traffic analysis. What is Network Traffic Analysis?Network traffi
4 min read