How to install iftop on Linux - Xmodulo


: 2

iftop is a command line tool that shows a list of active network connections between local host and any remote host, sorted by their bandwidth usage. The list of top-ranking network connections (in terms of bandwidth usage) is periodically refreshed in a ncurses-based user interface. Using iftop, you can visually check the bidirectional bandwidth usage of different network connections in real time. In order to install iftop on Linux, follow the instructions below.

To install iftop on Ubuntu, Mint or Debian, run:

$ sudo apt-get install iftop

To install iftop on CentOS or RHEL, first set up Repoforge repository on your system, and then run the following command.

$ sudo yum install iftop

To install iftop on Fedora, simply run:

$ sudo yum install iftop

If you would like to build and install the latest version of iftop manually, do the following.

$ sudo yum -y install ncurses-devel libpcap-devel
$ wget
$ tar xvfvz iftop-0.17.tar.gz
$ cd iftop-0.17
$ ./configure
$ make
$ sudo make install

Monitor Network Traffic in Real-Time with iftop

To monitor network traffic received on a specific network interface (e.g., eth0) with iftop, run the following command.

$ sudo iftop -i eth0

iftop supports rudimentary packet filtering rules with "-f" option. For example:

To monitor DNS traffic:

$ sudo iftop -i eth0 -f 'port domain'

To monitor HTTP traffic:

$ sudo iftop -i eth0 -f 'port http'

To monitor HTTP traffic while excluding a specific host:

$ sudo iftop -i eth0 -f 'port http and not host'

To monitor network traffic while ignoring broadcast packets.

$ sudo iftop -i eth0 -f 'not ether host ff:ff:ff:ff:ff:ff'

To monitor ICMP traffic:

$ sudo iftop -i eth0 -f 'icmp'

The screenshot of iftop looks as follows.

Screenshot of iftop command