trafshow – a utility for displaying traffic statistics passing through network interfaces.
Since the utility is included in the Netdiag (Net-Diagnostics) set, everything is installed together.
You can install Netdiag and trafshow in Ubuntu / Debian using the following command:
sudo apt-get install netdiag
In CentOS/RedHat/Fedora:
sudo yum install netdiag
Command viewing guide:
man trafshow
Simple launch:
sudo trafshow
I’ll describe the possible startup options:
-v (view the version of the program)
-n (do not convert the addresses into DNS names, and port numbers for example 80 in http, etc., in the running program, you can toggle the option with the N key)
-a len (summarizing traffic flows using the IP prefix IP netmask len, in the program is switched by pressing the A key)
-с conf (using an alternative color configuration instead of the standard / etc / trafshow)
-i name (indication of the network interface)
-s str (search for an item in the list and go to it)
-u port (listening to the specified UDP port for Cisco Netflow, the default number is 9995, to disable use 0)
-R refresh (update interval, default 2 secs, in the program is changed with the R key)
-P purge (cleaning of obsolete records after the specified time, by default 10 seconds, in the program is changed by the key P)
-F file (using a file for filters)
expr (what packages will be displayed, if not specified, then all)
I have set filter to “port 25” to find a spambot on my network, but do not get anything even when using a my email client.