aeby 06-27-2007 04:33 AM

comman line tool analysing network traffic on an interface

i need to analyse traffic running on the interfaces on a particular server, i want to know what packets are going thru an interface and how to analyse them,
i need a command line tool for this. i know about ethereal, i also need to acces what percentage of the traffic is going thru these interfaces.

thanks in advance

SkyEye 06-27-2007 05:44 AM

Try "iptraf". It's ncurses based and cool to use.

Wireshark (earlier called Ethereal) also has a command line tool called "tshark"

aeby 06-27-2007 06:29 AM

The tool is very helpful thanks.
i am on Fedora 6 and i can use the tool , but i cant find the command on a gentoo box, please can you give me a tool that works on gentoo,
i also need a tool to analyse the bandwidth used on and how do you check what sites the clients visited in a network .


SkyEye 06-27-2007 07:23 AM

Both iptraf and Wireshark are available for Gentoo.

And to keep track of bandwidth and sites visited, you need to have a proxy or a similar mechanism. If you are already using Squid proxy there are quite a lot of things to help you with it. There are simple programs like squidview, SARG or more advanced things. If you don't have Squid and don't want to have you might want to try one of the tools like Nagios or ntop.

