Hi Folks,

I was wondering if any of you guys would know how I could find out statistics on TCP packets sent/recieved by my system. Have been looking at netstat -s command but can't see anything apparent.

I ran the "netstat -s | grep "packets sent" and "netstat -s | grep "packets recieved" commands and from this I got what looked to be pretty promising figures, but on further investiagtion of this I found out that these packets sent/received were infact UDP packets, and not the required TCP packets.

So I was just wondering if anyone could tell me where or how I could find out more statistics on incoming/outgoing TCP packets...

Many thanks
Regards
Ciaran.

Google around for info on TCPDump

Yeah...

Been looking at TCPDump as well as Ethereal and my understanding of these tool is that they capture packets that are in the network at any one time, and also do not give any report on lost/retransmitted packets or errors encountered, and this is the kind of information I am hoping to get access to...

statistics i not sure but this below command will tell u how many urs RX & TX and error pckts
since u on the pc

[rou@net test]$ /sbin/ifconfig
eth0 Link encap:Ethernet HWaddr 00:50:22:B0:7D:CD
inet addr:192.168.0.88 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::250:22ff:feb0:7dcd/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5296297 errors:0 dropped:0 overruns:0 frame:0
TX packets:5292567 errors:0 dropped:0 overruns:3 carrier:0
collisions:1914707 txqueuelen:1000
RX bytes:607551994 (579.4 MiB) TX bytes:589643754 (562.3 MiB)
Interrupt:11 Base address:0xc400

root@noc:~# /sbin/ifconfig
eth0 Link encap:Ethernet HWaddr 00:60:67:44:1F:30
inet addr:192.168.0.11 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5505852 errors:0 dropped:0 overruns:0 frame:2
TX packets:4063211 errors:3 dropped:0 overruns:3 carrier:0
collisions:1847372 txqueuelen:1000
RX bytes:2110272425 (2012.5 Mb) TX bytes:2219772733 (2116.9 Mb)
Interrupt:9 Base address:0xf880


sorry if not this what u need

It certainly looks promising... But what exactly does TX and RX stand for?

Yeah these numbers of TX and RX are for packet transfers if I've done my research correctly. But unfortunatly this information is for all packets including TCP & UDP whereas I require information on TCP Packets only...

Thanks anyhow.
Ciaran

u need to use snmp.

Hi Newpenguin...

In what way do I need to use snmp? I've never used this before and only briefly heard of it. So could you please further advise?

Many thanks
CICA

snmp protocol is used for performance/load measuring on remote devices.
u need to run snmp daemon in your machine, then u can use any tool like mrtg to graph the traffic counters.

search for net-snmp, mrtg configurations

and u can find tutorials where both configurations are mentioned. then use the snmp specific code to get all tcp inbound outbound packets graphs.

this sounds really good, and specific to what I need! I'll keep you up-dated on progress...

Thanks
CICA

Hi Newpenguin,

This package looks pretty neat, but it also looks pretty complex and I have to get this information regarding the TCP stats as soon as I can because it is for a college dissertation, and I may not have the adequate time to get to grips with the tool, to get the info I require. I'm pretty new to Linux hence the following question. I am about to run the make install command, but before I do so I wanted to check to ask how easy it would be to uninstall this package i.e. is there a command I can run that will uninstall all related files. I am asking this incase I have to uninstall the package due to not having enough time to learn how to use it efficiently to get the required stats...

Many thanks
CICA

Hi newpenguin,

I have since installed the net-snmp package. But when I try running the following command I get this result:

[root@localhost /]# snmpnetstat -s 192.168.0.5
ip:
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
icmp:
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
tcp:
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
udp:
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
snmpnetstat: Bad version specified
[root@localhost /]#

This ip address is definatly in use, so can you please advise?

Thanks
CICA

Hi

I use iptarif, it has lots of statistics about the packets to and from you pc and has both kinds udp and tcp

http://cebu.mozcom.com/riker/iptraf/

Hi
Also you can see the output of:

$ netstat -st tcp

please follow
http://www.linuxhomenetworking.com/linux-hn/mrtg.htm
and if you are in hurry , then i think nx5000 has given u very good solution.