Back to Commands

iptraf

networkingLinux
The iptraf command is one of the most frequently used commands in Linux/Unix-like operating systems. iptraf Interactive colorful IP LAN monitor
See ExamplesView Syntax

Quick Reference

Command Name:

iptraf

Category:

networking

Platform:

Linux

Basic Usage:

iptraf [options] [arguments]

Common Use Cases

    Syntax

    iptraf [-h|-f|-z|-i interface|-g|-d interface|-s interface|-l|-t facility]

    Options

    Option Description
    -h Display help
    -i interface Start the IP traffic monitor on specified interface
    -g Start the general interface statistics
    -d interface Start the detailed statistics for specified interface
    -s interface Start the TCP/UDP statistics for specified interface
    -z Reset all counters to zero
    -l View the IP traffic log
    -f Clear all locks and restart IPTraf
    -t facility Specify alternate facility for syslog messages
    -B Disable reverse DNS lookups for TCP/UDP service name resolution

    Examples

    How to Use These Examples

    The examples below show common ways to use the iptraf command. Try them in your terminal to see the results. You can copy any example by clicking on the code block.

    # Basic Examples Basic
    iptraf
    Start IPTraf with the main menu.
    iptraf -i eth0
    Start IP traffic monitor on interface eth0.
    # Advanced Examples Advanced
    iptraf -g Start the general interface statistics. iptraf -d eth0 Start the detailed interface statistics for eth0. iptraf -s eth0 Start the TCP/UDP statistics for eth0. iptraf -z Reset all counters to zero. iptraf -l View the IP traffic log. iptraf -f Clear all locks and restart IPTraf.

    Try It Yourself

    Practice makes perfect! The best way to learn is by trying these examples on your own system with real files.

    Understanding Syntax

    Pay attention to the syntax coloring: commands, options, and file paths are highlighted differently.

    Notes

    IPTraf is a console-based network statistics utility for Linux that provides a real-time, interactive IP traffic monitor. It's a valuable tool for network administrators and anyone who needs to analyze network traffic patterns on Linux systems. Key features of IPTraf: 1. Real-time Monitoring: IPTraf provides real-time statistics of network traffic, allowing administrators to observe traffic patterns as they happen, which is crucial for troubleshooting and performance monitoring. 2. Interactive Interface: The tool offers a text-based, colorful, and user-friendly interface that runs in the Linux console, making it accessible even on servers without graphical interfaces. 3. Protocol Statistics: IPTraf can break down traffic by protocol (TCP, UDP, ICMP, etc.) and provides detailed statistics for each, helping identify what types of traffic are consuming bandwidth. 4. Interface Statistics: It offers both general and detailed statistics for network interfaces, showing packet counts, byte counts, error rates, and more. 5. TCP/UDP Connection Monitoring: IPTraf can display active TCP and UDP connections, including source and destination addresses, ports, and the amount of data transferred. 6. Packet Size Distribution: The tool can analyze and display the distribution of packet sizes, which can be useful for optimizing network configurations. 7. Logging Capabilities: IPTraf can log network activities to files for later analysis, allowing for historical trending and offline troubleshooting. 8. Filtering Options: It provides options to filter traffic based on interfaces, protocols, or addresses, allowing focused analysis of specific traffic types. Common use cases for IPTraf include: - Identifying bandwidth hogs on a network - Troubleshooting network connectivity issues - Monitoring server network performance - Detecting unusual network activity that might indicate security problems - Validating firewall configurations by observing what traffic is passing through - Education and learning about network protocols and traffic patterns While IPTraf is still used and available in many Linux distributions, it's worth noting that its development has been largely inactive, and newer alternatives like iftop, nethogs, and nload offer similar functionality with more modern interfaces. However, IPTraf remains valuable for its simplicity, low resource requirements, and comprehensive view of network statistics in a single tool. The tool requires root privileges to run since it needs to put network interfaces into promiscuous mode to capture all packets.

    Related Commands

    These commands are frequently used alongside iptraf or serve similar purposes:

    iftop
    nethogs
    nload
    bmon
    tcpdump
    wireshark
    netstat
    ss
    netwatch
    iptraf-ng
    Explore All Commands

    Use Cases

    Learn By Doing

    The best way to learn Linux commands is by practicing. Try out these examples in your terminal to build muscle memory and understand how the iptraf command works in different scenarios.

    See ExamplesTry Lab Exercises
    $ iptraf
    View All Commands