nethogs
nethogs - Gruppierung der Bandbreite nach Prozessen
Beschreibung
- Net top tool grouping bandwidth per process
NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most such tools do, it groups bandwidth by process - and does not rely on a special kernel module to be loaded. So if there's suddenly a lot of network traffic, you can fire up NetHogs and immediately see which PID is causing this, and if it's some kind of spinning process, kill it.
Installation
Anwendungen
INTERACTIVE CONTROL
| Option | Beschreibung |
|---|---|
| q | quit |
| s | sort by SENT traffic |
| r | sort by RECEIVED traffic |
| l | display command line |
| b | display the program basename |
| m | switch between total (KB, B, MB) and throughput (KB/s, MB/s, GB/s) mode |
RUNNING WITHOUT ROOT
In order to be run by an unprivileged user, nethogs needs the cap_net_admin and cap_net_raw capabilities. These can be set on the executable by using the setcap(8) command, as follows:
$ sudo setcap "cap_net_admin,cap_net_raw+pe" /usr/local/sbin/nethogs
- Note
- When using the -P <pid> option, in a case where a process exited (normally or abruptly), Nethogs does not track that it exited. So, the operating system might create a new process (for another program) with the same pid. In this case, this new process will be shown by Nethogs.
Fehlerbehebung
Syntax
- nethogs [-V] [-h] [-x] [-d seconds] [-v mode] [-c count] [-t] [-p] [-s] [-a] [-l] [-f filter] [-C] [-b] [-g period] [-P pid] [device(s)]
Optionen
| Option | Beschreibung |
|---|---|
| -V | prints version. |
| -h | prints available commands usage. |
| -x | bughunt mode - implies tracemode. |
| -d | delay for update refresh rate in seconds. default is 1. |
| -v | view mode (0 = KB/s, 1 = total KB, 2 = total B, 3 = total MB, 4 = MB/s, 5 = GB/s). default is 0. |
| -c | number of updates. default is 0 (unlimited). |
| -t | tracemode. |
| -p | sniff in promiscuous mode (not recommended). |
| -s | sort output by sent column. |
| -l | display command line. |
| -a | monitor all devices, even loopback/stopped ones. |
| -C | capture TCP and UDP. |
| -b | Display the program basename. |
| -g | garbage collection period in number of refresh. default is 50. |
| -P | Show only processes with the specified pid(s). |
| -f | EXPERIMENTAL: specify string pcap filter (like tcpdump). This may be removed or changed
in a future version. |
| device(s) | ... to monitor. Default is all interfaces up and running excluding loopback |
Parameter
Umgebungsvariablen
Exit-Status
Konfiguration
Dateien
Sicherheit
Siehe auch
- netstat(8)
- tcpdump(1)
- pcap(3)
Dokumentation
RFC
Man-Pages
Info-Pages
Links
Einzelnachweise
Projekt
Weblinks
Testfragen
Testfrage 1
Antwort1
Testfrage 2
Antwort2
Testfrage 3
Antwort3
Testfrage 4
Antwort4
Testfrage 5
Antwort5