iptraf

iptraf can be used to obtain statistics on interface usage. It can be used to find out incoming and outgoing packet and data rates. It can also help in finding how much percentage of bandwidth is being used by TCP/UDP or IP protocols etc.

To start iptraf in detailed statistics mode we can use

iptraf -d <interface_name>

'iptraf' also has other modes where:

• It can trace TCP/UDP connections by port numbers and hence we can determine which protocol is consuming lot of network resources
• General interface statistics which can be used to find which interface is being used a lot on multi-homed hosts
• Statistical breakdown of packet by packet-size can be displayed to find out statistics about packet size, like what is the most common size of packets being sent-received etc.
• LAN station monitor where it monitors different MAC addresses it learns on specified interface.

To start other modes we can learn about various options from man pages or we can start 'iptraf' without giving any command line arguments. In this case iptraf provides nice ncurses based menu type interface to choose among various options.

'iptraf' also has filter option where we can specify 'tcpdump' style kernel network filters and only information about packets that pass the filter is displayed.