| Tutorial details | |
|---|---|
| Difficulty | Intermediate (rss) |
| Root privileges | Yes |
| Requirements | EPEL |
| Time | 10m |
Install iftop
First, turn on EPEL repo on Linux. See how to install and enable epel repo on CentOS / RHEL / Scientific Linux v4.x/5.x/6.x for more information. Type the following yum command to install iftop on RHEL/CentOS/Fedora Linux:
# yum -y install iftop
Sample outputs:
Fig.01: iftop installed using yum command
How do I use iftop command?
The syntax is:
iftop iftop [options] iftop -i interface iftop -i eth0 -f filter_code
Examples
Simply type the following command to monitor traffic on eth0:
# iftop -i eth0
Sample outputs:
Animated gif 01: iftop in action on CentOS/RHEL
Don’t do DNS hostname lookups
By default, iftop will look up the hostnames associated with addresses it finds in packets. Pass the -n option to disable dns lookup:
# iftop -n -i eth0
Hide service name and port numbers
Pass the -N option to hide resolve port number to service names:
# iftop -N -i eth0
Find out packets flowing in and out of 192.168.1.0/24 network
Use the -F option to set net/mask for traffic analysis. In this example, find out packets flowing in and out of the 192.168.1.0/24 network. This is useful to find out if why the network is slow:
# iftop -F 192.168.1.0/255.255.255.0 -i eth0
icmp bandwidth stats
Find out more about icmp ping requests and bandwidth usage per interface by host. Use the -f to set filter:
# iftop -f icmp -i eth0
Hide bar graphs
Pass the -b option to turn off display bar graphs of traffic:
# iftop -b -i eth0
Pass the -B option to display bandwidth rates in bytes/sec rather than bits/sec:
# iftop -B -i eth0
Important keyboard shortcuts
- Press t control display type. The t cycles through the four line display modes; the default 2-line display, with sent and received traffic on separate lines, and 3 1-line displays, with sent, received, or total traffic shown.
- Press P to pause the current display.
- Press o to freeze the current screen order. This has the side effect that traffic between hosts not shown on the screen at the time will not be shown at all, although it will be included in the totals at the bottom of the screen.
- Press j and k to scroll the display of hosts. This is useful for busy servers.
Recommended readings
- Keeping a Log Of Daily Network Traffic for ADSL or Dedicated Remote Linux Server
- Linux: Check Network Connection Command
- Man pages: tcpdump(8)
🐧 Get the latest tutorials on Linux, Open Source & DevOps via:
- RSS feed or Weekly email newsletter
- Share on Twitter • Facebook • 6 comments... add one ↓
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
Excellent tool. Thanks for sharing it :D
Great write up.
Thanks for sharing
Thanks. Handy tool to have.
How to get monthly bandwidth data from iftop. I tried NTM it doesn’t work, can u suggest any other monthy bandwidth monitoring tool ?
Honestly, if you want weekly/monthly reporting, i’d have to recommend VNstat the most. It’s small, easy to install and use, and simple. If you want something with more features, the only other one i could think of would be bandwidthd, but i will warn you that it hasn’t been updated since 2005 and has some issues with CPU usage on high throughput connections.