..in addition to what's said already:
Quote:
Originally Posted by aal
often (not always) there is prolonged data activity on my internet connection although the browser has been idle for a long time. The total data usage on the connection seems much higher than it should be. eg: 9 MB to load a couple of webpages. What to look at?
|
First of all what you think of as "traffic" is not only TCP but also UDP sprinkled with a bit of ICMP. Granted, the latter should not take up much volume as its primary concern is error messages but web pages are way larger these days. While on the one hand content distribution and compression help lessen the load on the other hand it allows web sites to draw from more and different sources more easily (or carelessly), becoming less concerned with how or what they incorporate things or optimization. And where "social network" connectivity is involved there'll be more content requested that aren't simply web pages but video, Flash, applets and web services "talking" with each other (SOA, RIA, AJAX, XUL, SOAP, REST). More sources also means more DNS requests and ninety nine per cent of the time that will be UDP traffic. (BitTorrent uses UDP too.) Then there's browsers default settings like IPv6 being enabled when you don't need or have it, anticipatory caching of pages you haven't visited and requests to addresses you visited earlier (Firefox).
There's at least five things you can implement regardless of your data plan being unlimited or not, regardless of knowing what data you send or receive and regardless of your web behavior:
- speed up domain name resolution by using a local caching name server (Pdnsd, Dnsmasq, etc),
- speed up or avoid loading elements by using a local filtering and caching proxy server (Privoxy, Polipo, etc),
- using sane browser defaults,
- disabling plug-ins you don't need and
- client-side in-browser filtering like Noscript offers.
Back to the original question of what to look at, apps like:
- Netfilter (iptables) has a module that can do traffic accounting
- dnstop show you DNS requests you make,
- nethogs show you the
currently running applications that generate the most traffic,
- iftop shows you all current traffic
by destination (or whatever you choose),
- vnstat can give you hourly, daily, weekly
overviews of how much traffic went over the wire.
Equivalents / related: bandwidthd, (j)nettop, pktstat, cbm, bwm-ng, speedometer, ethstatus, trafshow, iptraf, Wireshark, MRTG and much, much more: check your distro's repos and Sourceforge, Freecode, Nongnu, etc, etc.
Quote:
Originally Posted by aal
Can data usage by individual applications be displayed and compared with total data being sent / received?
|
For currently running applications see above. Wrt saved statistics the problem is an application must not only track traffic but also assign it to a specific application. This means being able to read /proc for process names and UID's but also be able to differentiate between say Python running 'yum check-update' for user root and Python running 'calibre update' for say your unprivileged account. Possible but no app comes to mind right now.
Quote:
Originally Posted by aal
Can there be torrent activity when the application is not running
|
If you're assigned an often-changing dynamic IP address you may see "ghost traffic" for the previous user and if you recently were part of a swarm you may see ghost requests too but no, if the application isn't running then there will be no active traffic.