Created
December 19, 2010 03:42
-
-
Save jesstess/747082 to your computer and use it in GitHub Desktop.
DIY bandwidth summaries
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| DIY bandwidth summaries | |
| 1. ifconfig | |
| ifconfig -a will give you transmitted and received bytes by interface since last boot. | |
| Gets its info from /proc/net/dev | |
| 2. iptables | |
| sudo iptables -L -v will give you packets and bytes for the INPUT, FORWARD, and OUTPUT builtin chains since last boot (or since you reset the counters on the chains: iptables -Z <chain>). | |
| a) bandwidth monitoring for inbound and outbound traffic | |
| iptables -N input_accounting | |
| -N <name> means create a new chain with name <name> | |
| iptables -I INPUT -j input_accounting | |
| -I <chain> <rule-specification> says insert a rule into <chain>. That rule is -j input_accounting, or "jump to input_accounting" if the packet matches the rule. aka "all incoming packets go through the input_accounting chain too." | |
| We can do the same for outgoing bandwidth with: | |
| iptables -N output_accounting | |
| iptables -I OUTPUT -j output_accounting | |
| b) by interface | |
| eg. | |
| sudo iptables -I INPUT -i wlan0 -j input_accounting | |
| sudo iptables -I INPUT -i lo -j input_accounting | |
| sudo iptables -I OUTPUT -o wlan0 -j output_accounting | |
| sudo iptables -I OUTPUT -o lo -j output_accounting | |
| c) by port | |
| eg. | |
| sudo iptables -I INPUT -i wlan0 -p tcp --dport 80 -j output_accounting | |
| sudo iptables -I OUTPUT -o wlan0 -p tcp --dport 22 -j output_accounting | |
| d) by IP address | |
| $ dig web.mit.edu +short | |
| 18.9.22.69 | |
| sudo iptables -I INPUT -i wlan0 -p -s 18.9.22.69 -j output_accounting | |
| === | |
| After the above we have something like | |
| $ sudo iptables -L -v | |
| [sudo] password for jesstess: | |
| Chain INPUT (policy ACCEPT 18239 packets, 14M bytes) | |
| pkts bytes target prot opt in out source destination | |
| 193 259K input_accounting all -- wlan0 any WEB.MIT.EDU anywhere | |
| 1123 513K input_accounting all -- lo any anywhere anywhere | |
| 9859 6202K input_accounting all -- wlan0 any anywhere anywhere | |
| 18196 14M input_accounting all -- any any anywhere anywhere | |
| Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) | |
| pkts bytes target prot opt in out source destination | |
| Chain OUTPUT (policy ACCEPT 14765 packets, 3053K bytes) | |
| pkts bytes target prot opt in out source destination | |
| 102 9643 output_accounting tcp -- any wlan0 anywhere anywhere tcp dpt:ssh | |
| 1123 513K output_accounting all -- any lo anywhere anywhere | |
| 8740 1911K output_accounting all -- any wlan0 anywhere anywhere | |
| 14585 3030K output_accounting all -- any any anywhere anywhere | |
| Chain input_accounting (4 references) | |
| pkts bytes target prot opt in out source destination | |
| Chain output_accounting (4 references) | |
| pkts bytes target prot opt in out source destination | |
| === | |
| Comprehensive list of tools related to bandwidth monitoring: | |
| - http://www.ubuntugeek.com/bandwidth-monitoring-tools-for-linux.html | |
| Use libiptc to collect the data from the kernel yourself: | |
| - http://www.linux.org/docs/ldp/howto/Querying-libiptc-HOWTO/bmeter.html | |
| For dynamic per-IP bandwidth: | |
| - ipband | |
| - plain ol' tcpdump | |
| What the right tool is really depends on your needs |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment