IPTraf-ng – A Console-Based Network Monitoring Tool

IPTraf-ng is a console-based Linux network statistics monitoring program that shows information about IP traffic, which includes information such as:

  • Current TCP connections
  • UDP, ICMP, OSPF, and other types of IP packets
  • Packet and byte counts on TCP connections
  • IP, TCP, UDP, ICMP, non-IP, and other packet and byte counts
  • TCP/UDP counts by ports
  • Packet counts by packet sizes
  • Packet and byte counts by IP address
  • Interface activity
  • Flag statuses on TCP packets
  • LAN station statistics

The IPTraf-ng utility can be used to find out the type of traffic on your network, and what kind of service is the most heavily used on what systems, among
others.

In this article, you will learn how to install and use the IPTraf-ng network statistics utility in Linux systems.

Installing IPTraf-ng in Linux

IPTraf-ng is part of the Linux distribution and can be installed on RHEL-based distributions such as CentOS Stream, Fedora, Rocky Linux, and AlmaLinux using the following yum command from the terminal.

# yum install iptraf-ng
Install IPtraf-ng in RHELInstall IPtraf-ng in RHEL
Install IPtraf-ng in RHEL

Under Debian-based distributions, iptraf-ng can be installed using Ubuntu Software Center or apt package manager as shown.

$ sudo apt install iptraf-ng
Install IPtraf-ng in DebianInstall IPtraf-ng in Debian
Install IPtraf-ng in Debian

Usage of IPTraf-ng in Linux

Once iptraf-ng is installed, run the following command from the terminal to launch an ascii-based menu interface that will allow you to view current IP traffic monitoring, General interface statistics, Detailed interface statistics, Statistical breakdowns, LAN station monitors, Filters, and also provide some configure options where you can configure as per your need.

# iptraf-ng
iptraf-ng Menuiptraf-ng Menu
iptraf-ng Menu

The iptraf interactive screen displays a menu system with different options to choose from. Here are some screenshots that show real-time IP traffic counts and interface statistics etc.

Linux IP Traffic Monitor

Linux IP Traffic MonitorLinux IP Traffic Monitor
Linux IP Traffic Monitor

General Interface Statistics

Linux Network Inerface StatisticsLinux Network Inerface Statistics
Linux Network Interface Statistics

Detailed Interface Statistics

Linux Monitor Network StatisticsLinux Monitor Network Statistics
Linux Monitor Network Statistics

Statistical Breakdowns

Linux Network Statistical BreakdownsLinux Network Statistical Breakdowns
Linux Network Statistical Breakdowns

LAN Station Monitor

Linux LAN Station MonitoringLinux LAN Station Monitoring
Linux LAN Station Monitoring

Configure

IPTraf ConfigureIPTraf Configure
IPTraf Configure

IPTraf Options

Using “iptraf -i” will immediately start the IP traffic monitor on a particular interface. For example, the following command will start the IP traffic on interface eth0.

This is the primary interface card that is attached to your system. Else you can also monitor all your network interface traffic using the argument as “iptraf -i all“.

# iptraf-ng -i eth0
Or
# iptraf-ng -i all
Linux LAN Network Interface MonitoringLinux LAN Network Interface Monitoring
Linux LAN Network Interface Monitoring

Similarly, you can also monitor TCP/UDP traffic on a specific interface, using the following command.

# iptraf-ng -s eth0
Linux TCP/UDP Network MonitorLinux TCP/UDP Network Monitor
Linux TCP/UDP Network Monitor

If you want to know more options and how to use them, check iptraf-ngman page‘ or use the command as ‘iptraf-ng -help‘ for more parameters. For more information visit the official project page.

Leave a Comment