
itoedr's IT Academy

Recording the journey from IT illiterate to expert

Monitoring your network connections in real time with tcptrack

2014-01-27 09:03:38 | Category: System Monitoring

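Linux has many useful open-source tools. To monitor your Linux machine's network connections in real time, you can use tcptrack.
[Figure: the command's brief help output]
The figure below is from one of my experiments, checking how many connections WebQQ opens. The launch command was "tcptrack -i wlan0" (the laptop uses wireless).
[Figure: tcptrack output during the WebQQ experiment]
I chose WebQQ's HTTPS communication, so port 443 stayed open for service the whole time.
Below are the usage instructions for tcptrack.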
***************************************************
English manual
***************************************************
NAME
       tcptrack - Monitor TCP connections on the network

SYNOPSIS
       tcptrack [ -dfhvp ] [ -r seconds ] -i interface
        [ filter expression ]

DESCRIPTION
       tcptrack displays the status of TCP connections that it sees on a given network interface. tcptrack monitors their state and displays
       information such as state, source/destination addresses and bandwidth usage in a sorted, updated list very much like the top(1) command.

       The filter expression is a standard pcap filter expression (identical to the expressions used by tcpdump(8)) which can be used to filter
       down the characteristics of TCP connections that tcptrack will see. See tcpdump(8) for more information about the syntax of this expression.


OPTIONS
       -d     Only track connections that were started after tcptrack was started. Do not try to detect existing connections.

       -f     Enable fast average recalculation. TCPTrack will calculate the average speeds of connections by using a running average. TCPTrack
              will use more memory and CPU time, but averages will seem closer to real time and will be updated more than once per second and may
              be more accurate under heavy load. The number of times per second that averages will be recalculated in fast mode is a compile-time
              setting that defaults to 10 times per second.

       -h     Display command line help

       -i [interface]
              Sniff packets from the specified network interface.

       -T [pcap file]
              Read packets from the specified file instead of sniffing from the network.  Useful for testing.

       -p     Do not put the interface being sniffed into promiscuous mode.

       -r [seconds]
              Wait this many seconds before removing a closed connection from the display. Defaults to 2 seconds. See also the pause interactive
              command (below).

       -v     Display tcptrack version

INTERACTIVE COMMANDS
       The following keys may be pressed while tcptrack is running to change runtime options:

       p - Pause/unpause display. No new connections will be added to the display, and all currently displayed connections will remain in the
       display.

       q - Quit tcptrack.

       s - Cycle through the sorting options: unsorted, sorted by rate, sorted by total bytes.

       The options for pausing and toggling sorting are useful if you're watching a very busy network and want to look at the display without
       connections jumping around (due to sorting and new connections being added) and disappearing (due to being closed for a certain time).

       When paused (via the p command) no new connections will be displayed, however tcptrack will still monitor and track all connections it sees
       as usual. This option affects the display only, not internals. When you unpause, the display will be updated with all current information
       that tcptrack has been gathering all along.

EXAMPLES
       tcptrack requires only one parameter to run: the -i flag followed by an interface name that you want tcptrack to monitor. This is the most
       basic way to run tcptrack:

       # tcptrack -i eth0

       tcptrack can also take a pcap filter expression as an argument. The format of this filter expression is the same as that of tcpdump(8) and
       other libpcap-based sniffers. The following example will only show connections from host 10.45.165.2:

       # tcptrack -i eth0 src or dst 10.45.165.2

       The next example will only show web traffic (i.e., traffic on port 80):

       # tcptrack -i eth0 port 80


SEE ALSO
       tcpdump(8), pcap(3), http://www.rhythm.cx/~steve/devel/tcptrack
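
A simplified model of the connection table behaviour the manual describes (the -d and -r options and sorting by total bytes), given here as an added example that is not tcptrack's own code. The state names, the `Tracker` and `Conn` classes and the sample packets are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
SYN, FIN, RST, ACK = 0x02, 0x01, 0x04, 0x10   # TCP header flag bits

@dataclass
class Conn:
    state: str
    total: int = 0                        # bytes seen in both directions
    fins: set = field(default_factory=set)
    closed_at: float = None

class Tracker:
    def __init__(self, only_new=False, remove_after=2.0):
        self.only_new = only_new          # models -d
        self.remove_after = remove_after  # models -r, default 2 seconds
        self.conns = {}

    def packet(self, ts, src, dst, flags, length):
        key = tuple(sorted((src, dst)))   # both directions share one entry
        c = self.conns.get(key)
        if c is None:
            if flags & SYN and not flags & ACK:
                c = Conn("SYN_SENT")
            elif self.only_new or flags & (FIN | RST):
                return                    # -d, or only the tail of an old flow
            else:
                c = Conn("ESTABLISHED")   # existing connection seen mid-stream
            self.conns[key] = c
        c.total += length
        if flags & RST:
            c.state, c.closed_at = "RESET", ts
        elif flags & FIN:
            c.fins.add(src)
            closed = len(c.fins) == 2     # simplification: closed once both sides sent FIN
            c.state = "CLOSED" if closed else "CLOSING"
            c.closed_at = ts if closed else None
        elif c.state == "SYN_SENT" and flags & ACK and not flags & SYN:
            c.state = "ESTABLISHED"       # final ACK of the three-way handshake

    def view(self, now, by_bytes=False):
        # Drop entries that have been closed for remove_after seconds or longer.
        self.conns = {k: c for k, c in self.conns.items()
                      if c.closed_at is None or now - c.closed_at < self.remove_after}
        rows = [(k, c.state, c.total) for k, c in self.conns.items()]
        return sorted(rows, key=lambda r: -r[2]) if by_bytes else rows

# Constructed sample traffic (documentation addresses), not a real capture.
A, B, C = ("192.0.2.10", 50000), ("198.51.100.5", 443), ("192.0.2.10", 50001)
SAMPLE = [(0.0, A, B, SYN, 0), (0.1, B, A, SYN | ACK, 0), (0.2, A, B, ACK, 0),
          (0.3, C, B, ACK, 900), (1.0, B, A, ACK, 1400),
          (5.0, A, B, FIN | ACK, 0), (5.1, B, A, FIN | ACK, 0)]
```

Feeding `SAMPLE` to `Tracker(only_new=True)` leaves out the flow from port 50001, because its SYN was never seen; the default tracker lists it as an existing connection.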
Copyright © 1997-2017 NetEase, Inc.