|JNETTOP(8)||System Manager's Manual||JNETTOP(8)|
jnettop - View hosts/ports taking up the most network traffic
jnettop [options] [-i interface] [-d filename] [-f filename] [-x rule]
This manual page documents briefly the jnettop command. This manual page is OBSOLETE. Please use jnettop -h as a main source of information about usage.
jnettop captures traffic coming across the host it is running on and displays streams sorted by bandwidth they use. Result is a nice listing of communication on network by host and port, how many bytes went through this transport and the bandwidth it is consuming.
These programs follow the usual GNU command line syntax, with long options starting with two dashes (`-'). A summary of options is included below.
- -h, --help
- Show summary of options.
- -v, --version
- Show version of program.
- -c, --content-filter
- disable content filtering
- -d, --debug filename
- write debug information into file
- -f, --config-file filename
- reads configuration from filename. defaults to ~/.jnettop. an example can be found at /usr/share/doc/jnettop/dot.jnettop.
- -i, --interface name
- capture packets on specified interface
- --local-aggr [none|host|port|host+port]
- set local aggregation to specified value
- -n, --no-resolver
- disable resolving of ip addresses
- -p, --promiscuous
- enables promiscuous mode on the sniffed interface
- --remote-aggr [none|host|port|host+port]
- set remote aggregation to specified value
- -s, --select-rule name
- selects one of the rules defined in .jnettop configuration file (by it's name)
- -x, --filter rule
- allows for specification of custom filtering rule. this allows for tcpdump(1) style syntax. don't forget to enclolse the filter into quotes when running from a shell.
Program looks for settings in the file specified by parameter -f, which defaults to ~/.jnettop. Configuration file is an ordinary text file with keywords and their arguments. You HAVE to enclose arguments into double quotes. Available keywords are:
- interface "<interface_name>"
- The interface keyword specifies network interface on which to start listening. Example:
- local_aggregation [none|host|port|host+port]
- The local_aggregation keyword specifies initial active local aggregation. Valid values are none, host, port, and host+port. Example:
- promisc [on|off]
- The promisc keyword specifies, whether jnettop captures packets in promiscuous mode. Example:
- remote_aggregation [none|host|port|host+port]
- The remote_aggregation keyword specifies initial active remote aggregation. Valid values are none, host, port, and host+port. Example:
- resolve [on|off]
- The resolve keyword specifies, whether resolving is performed on the IP addresses or not.
- resolve_rule "<network address>" "<network mask>" [normal|external] (<arguments> ...)
- The resolve_rule keyword adds one resolver into list of resolvers for specified address. When resolving, jnettop examines all the rules in the order how they were specified in configuration file. If the network address matches specified range, declared resolver is used. Resolver can be normal, which means the standard DNS lookup or external, which executes specified external program to perform resolving. This can be used with bundled jnettop-lookup-nmb script, which looks up IP addresses using nmblookup(1) tool. If a tool returns empty string or DNS is not found, next rule is examined. If jnettop runs out of rules, than the standard DNS lookup is executed.
resolve_rule "192.168.0.0" "255.255.255.0"
resolve_rule "192.168.0.0" "255.255.255.0" external "/usr/share/jnettop/jnettop-lookup-nbm"
- rule "<rule_name>" "<rule_definition>"
- The rule keyword defines a set of predefined tcpdump(1)-like filters to apply. You can specify various filters as "show me what 192.168.1.32" sends:
rule "show 192.168.1.32" "src 192.168.1.32"
- select_rule "<rule_name>"
- The select_rule keyword specifies initial active predefined rule. The rule must be defined before this keyword is used. Example:
select_rule "show 192.168.1.32"
- variable "<variable_name>" "<variable_contents>"
- The variable keyword introduces a string variable for use in future rule definitions. It can be used to shorten rule definitions. Example:
variable "intranet" "net 192.168.0.0/16 or 10.0.0.0/8 or 172.16.0.0/12"
This manual page was originally written by Ari Pollak <email@example.com>, for the Debian GNU/Linux system. Small changes were introduced by Jakub Skopal <firstname.lastname@example.org>
|April 8, 2006|