I will give an example of changing the TX and RX buffers of network interfaces in Linux.
First, install ethtool if it is not installed:
Category Archives: Networks
Installing and using jnettop
jnettop – a utility for viewing traffic statistics in real time, sorted by hosts / ports.
The installation command in Ubuntu/Debian:
sudo apt-get install jnettop
The installation command in CentOS:
sudo yum install jnettop
An example of a simple start:
sudo jnettop
An example of a start with a network interface:
sudo jnettop -i eth0
I’ll describe the possible startup options:
-h (help)
-v (view version)
-c (disable content filtering)
-d (write debugging information to a file)
-f (reading the configuration from the file, if not specified, then the file is searched for ~/.jnettop)
-i (to capture packets from the specified interface)
–local-aggr [none|host|port|host+port] (set local aggregation to the specified value)
–remote-aggr [none|host|port|host+port] (set remote aggregation to the specified value)
-n (do not resolving IP to DNS names)
-p (inclusion of promiscuous mode to receive all packets that come to the network interface)
-s (selects one of the rules defined in the .jnettop configuration file (by its name))
-x (allows you to specify a custom filter rule. this allows you to use the syntax of the tcpdump style. do not forget to include the filter in quotation marks when starting from the shell)
Install and configure ntopng
Below I’ll describe the installation of ntopng in Ubuntu.
We select the necessary package on http://packages.ntop.org/apt-stable/ and download it:
wget wget http://apt-stable.ntop.org/16.04/all/apt-ntop-stable.deb sudo dpkg -i apt-ntop-stable.deb
Further we carry out:
sudo apt-get clean all sudo apt-get update sudo apt-get install pfring nprobe ntopng ntopng-data n2disk nbox sudo touch /etc/ntopng/ntopng.start sudo /etc/init.d/ntopng restart
If new versions of ntopng are released, then you can update by running the commands:
sudo apt-get update sudo apt-get upgrade
After installation, the configuration file will be located in the /etc/ntopng/ntopng.conf directory
I will give an example of its content:
-w=3000 -d=/var/tmp/ntopng -G=/var/run/ntopng.pid --httpdocs-dir /usr/share/ntopng/httpdocs --local-networks="192.168.0.0/16,10.0.0.0/8,172.16.0.0/16"
Restart / stop / start ntopng with commands:
sudo /etc/init.d/ntopng restart sudo /etc/init.d/ntopng stop sudo /etc/init.d/ntopng start
You can check from the console with the command:
sudo /etc/init.d/ntopng status sudo netstat -tulpn | grep :3000
Open the web interface by typing in the address bar of the browser:
http://HOST:3000
The standard login and password are admin/admin.
See also:
Install and configure nprobe
The solution to the error “Missing /etc/ntopng/ntopng.start. Quitting”
Installing Ostinato in Ubuntu
Ostinato – program for network analysis and traffic generation.
The Ostinato installation command in Ubuntu:
sudo apt-get install ostinato
The launch is performed in a graphical mode by reference or by the command:
sudo ostinato
To remove Ostinato, you can run the following command:
sudo apt-get purge ostinato
Installing and Using dhcpdump
dhcpdump – sniffer utility for analyzing DHCP packets.
Continue reading “Installing and Using dhcpdump”Starting a TFTP server in Windows
One of the options for running the tftp server on Windows is to download and run the application from the link http://tftpd32.jounin.net/tftpd32_download.html
Continue reading “Starting a TFTP server in Windows”Installing and using trafshow
trafshow – a utility for displaying traffic statistics passing through network interfaces.
Since the utility is included in the Netdiag (Net-Diagnostics) set, everything is installed together.
You can install Netdiag and trafshow in Ubuntu / Debian using the following command:
sudo apt-get install netdiag
In CentOS/RedHat/Fedora:
sudo yum install netdiag
Command viewing guide:
man trafshow
Simple launch:
sudo trafshow
I’ll describe the possible startup options:
-v (view the version of the program)
-n (do not convert the addresses into DNS names, and port numbers for example 80 in http, etc., in the running program, you can toggle the option with the N key)
-a len (summarizing traffic flows using the IP prefix IP netmask len, in the program is switched by pressing the A key)
-с conf (using an alternative color configuration instead of the standard / etc / trafshow)
-i name (indication of the network interface)
-s str (search for an item in the list and go to it)
-u port (listening to the specified UDP port for Cisco Netflow, the default number is 9995, to disable use 0)
-R refresh (update interval, default 2 secs, in the program is changed with the R key)
-P purge (cleaning of obsolete records after the specified time, by default 10 seconds, in the program is changed by the key P)
-F file (using a file for filters)
expr (what packages will be displayed, if not specified, then all)
Installing and using softflowd
Softflowd – NetFlow network traffic analyzer.
You can install in Ubuntu/Debian using the command:
sudo apt-get install softflowd
After installation, you need to open its configuration file, for example, in the nano editor (Ctrl+X for exit, y/n for saving or canceling changes):
sudo nano /etc/default/softflowd
And specify the parameters, for example:
INTERFACE="any" OPTIONS="-n 192.168.1.40:5556"
After the changes, perform a restart:
sudo /etc/init.d/softflowd restart
Let’s look at the statistics of softflowd:
softflowctl statistics
If it is not running, there will be an error:
ctl connect(“/var/run/softflowd.ctl”) error: Connection refused
Display information about all monitored threads:
sudo softflowctl dump-flows
Information about softflowctl can be viewed by the command:
man softflowctl
I’ll describe other startup options:
-n (specify the network node and port on which will work softflowd)
-i (interface on which will work softflowd)
-r pcap_file (reading information from a file, not a network interface)
-p pidfile (alternative location for storing the process identifier, standard /var/run/softflowd.pid)
-c ctlsock (alternative location for the socket, standard /var/run/softflowd.ctl)
-m max_flows (maximum number of threads for simultaneous tracking)
-6 (consider also IPv6 data)
-D (debug mode)
-T track_level (level of tracking, can be full, proto, ip)
-v netflow_version (netflow version)
The reboot script of Wi-Fi routers TP-Link
Below is an example of the TP-Link router reboot script, I will test it on TL-WR720N 2.0 from Ubuntu Server.
#!/bin/sh ROUTER_IP="192.168.24.174" USERNAME="admin" PASSWORD="admin" # exit if router is down ping -q -c 1 "$ROUTER_IP" > /dev/null || exit curl --basic --user "$USERNAME:$PASSWORD" -A "Mozilla/4.73 [en] (X11; U; Linux 2.2.15 i686)" --refer "http://$ROUTER_IP" "$ROUTER_IP/userRpm/SysRebootRpm.htm?Reboot=reboot"
The contents of the script will be placed in a new file, for example, using the nano editor (“CTRL+X” to exit and “y” to save the changes):
nano file.sh
And make it executable:
chmod 777 file.sh
After this, we execute:
./file.sh
Similarly, you can perform other functions instead of rebooting.