倒是有一些其他工具可以监测,不止iptraf
http://blog.chinaunix.net/uid-24501667-id-3765269.html
tcpdump也可以统计流量。还有rrd。
http://bbs.chinaunix.net/forum.php?mod=viewthread&tid=705339
http://www.cnblogs.com/wangvsa/archive/2012/07/16/2593551.html
==========================================================================
在iptraf的configure里配置了一下,把logging给打开,这样就能导出记录了。
但是开着iptraf时不会往log文件里写,只有关掉iptraf时才一股脑写进去。
所以我可以写个bash脚本或python脚本试一下了。每隔一段时间用iptraf统计一下?但是这一开一关也很花时间啊,有可能这期间传了大量的数据。
那么就在循环里不停的对iptraf开关开关,同时把每一个log文件里的相应端口的数据量进行累加。当某些端口的数据量比其他端口多很多时,就调用tc限速一下。
不过该如何直接通过命令行让iptraf开启呢?即直接进入statistics breakdown。
===========================================================================================================================================================
12.9
http://superuser.com/questions/356907/how-to-get-real-time-network-statistics-in-linux-with-kb-mb-bytes-format-and-for
------------------------------------------------------------------------------- ------------------------------------------------------------------------------- -------------------------------------------------------------------------------
I think you can use the proc interface to get the information you need. I created this little shell script called rt_traf.sh:
#!/bin/bash
cat /proc/$1/net/netstat | grep 'IpExt: ' | tail -n 1 | awk '{ print $8 " " $9 }'This will print the in and out octets separated by a tab. Octets multiplied by 8 will give you bits/second and then divided by 10^6 will give you megabits/second. Of course you can add this to the shell script to format the output how you want it. You can call this with the PID of your application like so ./rt_traf.sh <PID> which will give you an instantaneous reading of your application since startup. To watch real time stats per second you can wrap the shell script in the watch command:
watch -n 1 ./rt_traf.sh <PID>The -n parameter can be adjusted all the way down to tenths of a second. To do a calculation over time I would do something like this:
PID=<PID>; START=`./rt_traf.sh $PID`;IN_START=`echo $START | awk '{ print $1 }'`; OUT_START=`echo $START | awk '{ print $2 }'`; sleep 10; END=`./rt_traf.sh $PID`; IN_END=`echo $END | awk '{ print $1 }'`; OUT_END=`echo $END | awk '{ print $2 }'`; IN_BPS=`echo "scale=2; (($IN_START-$IN_END)/10)/8" | bc`; OUT_BPS=`echo "scale=2; (($OUT_START-$OUT_END)/10)/8" | bc`; echo "In: " $IN_BPS "Bits/second"; echo "Out: " $OUT_BPS "Bits/second"Again the math can be adjusted for the size/times you need. Not the most elegant or shrink wrapped solution but it should work in a pinch.
===============================================================================================================
使用shell监控网络实时流量
http://www.cnblogs.com/feisky/archive/2012/01/07/2316009.html
=============================================================================================================
搜索“脚本 端口监控流量”搜出一些脚本。其中[https://www.centos.bz/2014/06/shell-script-for-network-analysis/] 提供的脚本应该可以精确到端口。mark之。
----------------------
通过man iptraf发现其实是可以通过指令行来执行iptraf的,加后缀和参数即可,这样就不通过menu界面来执行了。
iptraf -s eth0 -L /var/log/iptraf/tcp_udp_services-eth0-cmd001.log 可以用。通过这条语句输出的好像就是按照我之前配置的那样,tcp only,端口数也不限于1024之内。我猜测可能是因为它会按照之前配置的要求继续执行。所以我觉得,如果在一台新机器上用的话需要先通过menu配置好。
---------------------------------
找到一个关于iptraf的脚本。http://mainfacts.com/linux-servers-network-how-to/linux-server-iptraf
这篇文章也可参考下《Monitoring network traffic with iptraf and rrdtool》:http://www.taedium.com/rrd-iptraf/
还有man iptraf:http://linux.die.net/man/8/iptraf
===------====-------=====------ ===------====-------=====------ ===------====-------=====------ ===------====-------=====------ ===------====-------=====------
12.11
log 格式
Thu Dec 11 13:48:02 2014; ******** TCP/UDP service monitor started ********
*** TCP/UDP traffic log, generated Thu Dec 11 13:49:02 2014
TCP/36842: 2 packets, 88 bytes total, 0.00 kbits/s; 1 packets, 40 bytes incoming, 0.00 kbits/s; 1 packets, 48 bytes outgoing, 0.00 kbits/s
TCP/139: 8 packets, 360 bytes total, 0.03 kbits/s; 4 packets, 200 bytes incoming, 0.02 kbits/s; 4 packets, 160 bytes outgoing, 0.02 kbits/s
TCP/36841: 2 packets, 88 bytes total, 0.00 kbits/s; 1 packets, 40 bytes incoming, 0.00 kbits/s; 1 packets, 48 bytes outgoing, 0.00 kbits/s
TCP/445: 19 packets, 864 bytes total, 0.10 kbits/s; 10 packets, 504 bytes incoming, 0.07 kbits/s; 9 packets, 360 bytes outgoing, 0.03 kbits/s
TCP/61020: 6 packets, 272 bytes total, 0.04 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.02 kbits/s
TCP/9100: 54 packets, 2448 bytes total, 0.33 kbits/s; 27 packets, 1368 bytes incoming, 0.18 kbits/s; 27 packets, 1080 bytes outgoing, 0.14 kbits/s
TCP/61035: 6 packets, 272 bytes total, 0.04 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.02 kbits/s
TCP/61049: 6 packets, 272 bytes total, 0.04 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.02 kbits/s
TCP/48723: 2 packets, 120 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 2 packets, 120 bytes outgoing, 0.00 kbits/s
TCP/443: 20 packets, 1200 bytes total, 0.20 kbits/s; 20 packets, 1200 bytes incoming, 0.20 kbits/s; 0 packets, 0 bytes outgoing, 0.00 kbits/s
TCP/48724: 2 packets, 120 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 2 packets, 120 bytes outgoing, 0.00 kbits/s
TCP/4445: 2 packets, 104 bytes total, 0.00 kbits/s; 1 packets, 40 bytes incoming, 0.00 kbits/s; 1 packets, 64 bytes outgoing, 0.00 kbits/s
TCP/135: 2 packets, 104 bytes total, 0.00 kbits/s; 1 packets, 64 bytes incoming, 0.00 kbits/s; 1 packets, 40 bytes outgoing, 0.00 kbits/s
TCP/4142: 6 packets, 300 bytes total, 0.05 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 180 bytes outgoing, 0.02 kbits/s
TCP/23: 6 packets, 300 bytes total, 0.05 kbits/s; 3 packets, 180 bytes incoming, 0.02 kbits/s; 3 packets, 120 bytes outgoing, 0.00 kbits/s
TCP/45611: 6 packets, 360 bytes total, 0.05 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 6 packets, 360 bytes outgoing, 0.05 kbits/s
TCP/45612: 6 packets, 360 bytes total, 0.05 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 6 packets, 360 bytes outgoing, 0.05 kbits/s
TCP/61064: 6 packets, 272 bytes total, 0.05 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.03 kbits/s
TCP/61082: 6 packets, 272 bytes total, 0.06 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.03 kbits/s
TCP/42184: 1 packets, 60 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 1 packets, 60 bytes outgoing, 0.00 kbits/s
TCP/42185: 1 packets, 60 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 1 packets, 60 bytes outgoing, 0.00 kbits/s
TCP/46994: 1 packets, 60 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 1 packets, 60 bytes outgoing, 0.00 kbits/s
TCP/39154: 1 packets, 60 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 1 packets, 60 bytes outgoing, 0.00 kbits/s
TCP/61098: 6 packets, 272 bytes total, 0.07 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.04 kbits/s
TCP/61111: 6 packets, 272 bytes total, 0.10 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.05 kbits/s
TCP/61125: 6 packets, 272 bytes total, 0.13 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.07 kbits/s
TCP/37054: 6 packets, 272 bytes total, 0.15 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.08 kbits/s
TCP/37060: 6 packets, 272 bytes total, 0.17 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.08 kbits/s
TCP/37061: 6 packets, 272 bytes total, 0.17 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.08 kbits/s
TCP/61154: 6 packets, 272 bytes total; 3 packets, 120 bytes incoming; 3 packets, 152 bytes outgoing
TCP/37090: 5 packets, 232 bytes total; 2 packets, 80 bytes incoming; 3 packets, 152 bytes outgoing
Running time: 60 seconds
*** TCP/UDP traffic log, generated Thu Dec 11 13:50:02 2014
TCP/36842: 2 packets, 88 bytes total, 0.00 kbits/s; 1 packets, 40 bytes incoming, 0.00 kbits/s; 1 packets, 48 bytes outgoing, 0.00 kbits/s
TCP/139: 22 packets, 996 bytes total, 0.06 kbits/s; 11 packets, 556 bytes incoming, 0.03 kbits/s; 11 packets, 440 bytes outgoing, 0.03 kbits/s
TCP/36841: 2 packets, 88 bytes total, 0.00 kbits/s; 1 packets, 40 bytes incoming, 0.00 kbits/s; 1 packets, 48 bytes outgoing, 0.00 kbits/s
TCP/445: 45 packets, 2044 bytes total, 0.13 kbits/s; 23 packets, 1164 bytes incoming, 0.08 kbits/s; 22 packets, 880 bytes outgoing, 0.06 kbits/s
TCP/61020: 6 packets, 272 bytes total, 0.02 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.01 kbits/s
TCP/9100: 114 packets, 5168 bytes total, 0.35 kbits/s; 57 packets, 2888 bytes incoming, 0.20 kbits/s; 57 packets, 2280 bytes outgoing, 0.15 kbits/s
TCP/61035: 6 packets, 272 bytes total, 0.02 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.01 kbits/s
TCP/61049: 6 packets, 272 bytes total, 0.02 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.01 kbits/s
TCP/48723: 2 packets, 120 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 2 packets, 120 bytes outgoing, 0.00 kbits/s
TCP/443: 3142 packets, 2637293 bytes total, 200.93 kbits/s; 1531 packets, 201335 bytes incoming, 15.33 kbits/s; 1611 packets, 2435958 bytes outgoing, 185.59 kbits/s
TCP/48724: 2 packets, 120 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 2 packets, 120 bytes outgoing, 0.00 kbits/s
TCP/4445: 2 packets, 104 bytes total, 0.00 kbits/s; 1 packets, 40 bytes incoming, 0.00 kbits/s; 1 packets, 64 bytes outgoing, 0.00 kbits/s
TCP/135: 2 packets, 104 bytes total, 0.00 kbits/s; 1 packets, 64 bytes incoming, 0.00 kbits/s; 1 packets, 40 bytes outgoing, 0.00 kbits/s
TCP/4142: 6 packets, 300 bytes total, 0.02 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 180 bytes outgoing, 0.01 kbits/s
TCP/23: 6 packets, 300 bytes total, 0.02 kbits/s; 3 packets, 180 bytes incoming, 0.01 kbits/s; 3 packets, 120 bytes outgoing, 0.00 kbits/s
TCP/45611: 7 packets, 420 bytes total, 0.03 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 7 packets, 420 bytes outgoing, 0.03 kbits/s
TCP/45612: 7 packets, 420 bytes total, 0.03 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 7 packets, 420 bytes outgoing, 0.03 kbits/s
TCP/61064: 6 packets, 272 bytes total, 0.02 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.01 kbits/s
TCP/61082: 6 packets, 272 bytes total, 0.02 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.01 kbits/s
TCP/42184: 1 packets, 60 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 1 packets, 60 bytes outgoing, 0.00 kbits/s
TCP/42185: 1 packets, 60 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 1 packets, 60 bytes outgoing, 0.00 kbits/s
TCP/46994: 1 packets, 60 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 1 packets, 60 bytes outgoing, 0.00 kbits/s
TCP/39154: 1 packets, 60 bytes total, 0.00 kbits/s; 0 packets, 0 bytes incoming, 0.00 kbits/s; 1 packets, 60 bytes outgoing, 0.00 kbits/s
TCP/61098: 6 packets, 272 bytes total, 0.02 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.01 kbits/s
TCP/61111: 6 packets, 272 bytes total, 0.02 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.01 kbits/s
TCP/61125: 6 packets, 272 bytes total, 0.03 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.01 kbits/s
TCP/37054: 6 packets, 272 bytes total, 0.03 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.01 kbits/s
TCP/37060: 6 packets, 272 bytes total, 0.03 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.01 kbits/s
TCP/37061: 6 packets, 272 bytes total, 0.03 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.01 kbits/s
TCP/61154: 6 packets, 272 bytes total, 0.03 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.02 kbits/s
略去一些
TCP/38035: 5 packets, 232 bytes total; 2 packets, 80 bytes incoming; 3 packets, 152 bytes outgoing
TCP/38038: 2 packets, 92 bytes total; 1 packets, 40 bytes incoming; 1 packets, 52 bytes outgoing
TCP/38039: 2 packets, 92 bytes total; 1 packets, 40 bytes incoming; 1 packets, 52 bytes outgoing
Running time: 120 seconds
*** TCP/UDP traffic log, generated Thu Dec 11 13:51:02 2014
TCP/36842: 2 packets, 88 bytes total, 0.00 kbits/s; 1 packets, 40 bytes incoming, 0.00 kbits/s; 1 packets, 48 bytes outgoing, 0.00 kbits/s
TCP/139: 34 packets, 1540 bytes total, 0.07 kbits/s; 17 packets, 860 bytes incoming, 0.03 kbits/s; 17 packets, 680 bytes outgoing, 0.03 kbits/s
TCP/36841: 2 packets, 88 bytes total, 0.00 kbits/s; 1 packets, 40 bytes incoming, 0.00 kbits/s; 1 packets, 48 bytes outgoing, 0.00 kbits/s
TCP/445: 70 packets, 3172 bytes total, 0.14 kbits/s; 35 packets, 1772 bytes incoming, 0.08 kbits/s; 35 packets, 1400 bytes outgoing, 0.06 kbits/s
略
去
一
些
TCP/61430: 6 packets, 272 bytes total, 0.12 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.06 kbits/s
TCP/38193: 6 packets, 272 bytes total, 0.15 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.08 kbits/s
TCP/38198: 6 packets, 272 bytes total, 0.17 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.08 kbits/s
TCP/38199: 6 packets, 272 bytes total, 0.17 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.08 kbits/s
TCP/61447: 6 packets, 272 bytes total, 0.18 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.09 kbits/s
TCP/61461: 6 packets, 272 bytes total, 0.40 kbits/s; 3 packets, 120 bytes incoming, 0.00 kbits/s; 3 packets, 152 bytes outgoing, 0.20 kbits/s
TCP/38222: 6 packets, 272 bytes total; 3 packets, 120 bytes incoming; 3 packets, 152 bytes outgoing
TCP/38225: 2 packets, 92 bytes total; 1 packets, 40 bytes incoming; 1 packets, 52 bytes outgoing
TCP/38226: 2 packets, 92 bytes total; 1 packets, 40 bytes incoming; 1 packets, 52 bytes outgoing
Running time: 180 seconds
======================================================================================================================================================================================
既然执行-B时是把数据redirect到dev/null中,那可以尝试找一下能不能redirect到别的文件中。
新的iptraf存在以下路径。使用时得指定路径,或者加到path变量中。
/usr/local/bin/iptraf
在iptraf-3.0.0-Redirect-2.tar.gz中,我对iptraf.c中两处出现dev/null的地方都改成了dev/ryanRedirect. 此外,修复了编译时<linux/if_tr.h>不存在的bug。只需将其改成#include <netinet/if_tr.h.h>。详见https://dev.openwrt.org/ticket/12538