Monitoring (measuring) the traffic consumed in Linux
Once I needed to measure the amount of traffic that a certain application "devoured". One way to do this is to install a proxy. But what if you don’t want to install a proxy server? .. I didn’t want to. In search of other ways, I first rummaged Habr, then the Internet. Since I once spent a lot of time on this, now I create this note so that others will not have such a problem.
IMPORTANT:
This method works if we know what address (es) our application is accessing, or from which / which ports.
iptraf is a small program that can monitor all network activity of a computer.
Sources and binaries can be downloaded from the iptraf website.
In the case of Ubuntu, you can install iptraf by running the following command:
sudo apt-get install iptraf
')
In the terminal we write: iptraf
It is necessary to enable logging (otherwise the program is limited to displaying on the screen). This is done, obviously, in the section “Configure” .
We leave the settings, click "IP traffic monitor" and select the path to the file, where we will log the network activity.
After that we should see the following picture:
That's all you need! Nearly.
As I mentioned above, you need to know what address / port our application is accessing (the traffic of which we calculate).
For example, if we want to calculate how much traffic "costs" an hour of last.fm radio, we must determine the following:
last.fm application addresses addresses like this:
195.24. * (Last.fm does not refer to one address, but refers to a range of addresses).
To get the amount of traffic eaten from the log (which was written an hour), I wrote a small “program” in java, which counts this traffic:
This option works well when you constantly write logs, and then you need to measure “something there”. You just need to write / configure the parser exactly as needed in a particular situation, and then you can get all the necessary data.
Perhaps this is not the best option (albeit a working one). There are many other options:
http: //help.ubuntu.ru / ...
http://iptraf.seul.org/2.7/filters.html
And so on.
IMPORTANT:
This method works if we know what address (es) our application is accessing, or from which / which ports.
Step-by-step instruction
1. iptraf
iptraf is a small program that can monitor all network activity of a computer.
Sources and binaries can be downloaded from the iptraf website.
In the case of Ubuntu, you can install iptraf by running the following command:
sudo apt-get install iptraf
')
2. Run!
In the terminal we write: iptraf
3. Customize
It is necessary to enable logging (otherwise the program is limited to displaying on the screen). This is done, obviously, in the section “Configure” .
4. Start monitoring
We leave the settings, click "IP traffic monitor" and select the path to the file, where we will log the network activity.
After that we should see the following picture:
That's all you need! Nearly.
5. Analysis
As I mentioned above, you need to know what address / port our application is accessing (the traffic of which we calculate).
For example, if we want to calculate how much traffic "costs" an hour of last.fm radio, we must determine the following:
last.fm application addresses addresses like this:
195.24. * (Last.fm does not refer to one address, but refers to a range of addresses).
To get the amount of traffic eaten from the log (which was written an hour), I wrote a small “program” in java, which counts this traffic:
package stat; import java.io.BufferedReader; import java.io.FileReader; import java.io.IOException; /** * * @author http://habrahabr.ru/users/nucleotide/ */ public class Main { public static void main(String[] args) throws IOException { BufferedReader reader = new BufferedReader(new FileReader("/var/log/iptraf/ip_traffic")); String line; long count = 0; long traffic = 0; while ((line = reader.readLine()) != null) { count++; String s[] = line.split(" "); if (s.length < 12) { continue; } if (s[10].contains("195.24.") || s[12].contains("195.24.")) { //"from" and "to" traffic += new Long(s[7]); if(s.length>16) traffic += new Long(s[17]); } } System.out.println("Count: " + count + " lines"); System.out.println("Total: " + traffic + " bytes!"); System.out.println("Total: " + traffic / 1024 + " Kbytes!"); System.out.println("Total: " + traffic / (1024 * 1024) + " Mbytes!"); } } This option works well when you constantly write logs, and then you need to measure “something there”. You just need to write / configure the parser exactly as needed in a particular situation, and then you can get all the necessary data.
Perhaps this is not the best option (albeit a working one). There are many other options:
http: //help.ubuntu.ru / ...
http://iptraf.seul.org/2.7/filters.html
And so on.
Source: https://habr.com/ru/post/131504/
All Articles