Inspect network traffic from simple linux cli app
Use tcpdump
in command line or wireshark
in desktop.
For example, to capture web traffic.tcpdump -s0 -i any -wfile.pcap port 80
To watch it directly remove the -wfile.pcap
To read a previously saved filetcpdump -r file.pcap
However for web traffic if you are interested of watching the http flow as it comes I like to use tcpflow -C port 80
What's the easiest way to sniff TCP traffic data on Linux?
Update:
As pointed by Michal in the comments:
From tcpflow version 1.3 the -e option is used for specifying the scanner name. So the error "Invalid scanner name '8983'" is printed. The correct command is
sudo tcpflow -i any -C -J port 1234
(also -J
has been changed to -g
in the latest release)
Thanks to yves for pointing me to "tcpflow". Here's the commmand-line:
tcpflow -i any -C -e port 1234 # as root, or with sudo
This does everything I want
- displays the data byte-for-byte as it comes in
- doesn't display any other metadata
- listens on all interfaces (so it captures data coming from within the machine and outside)
The "-C
" tells it to dump to the console instead of a file.
The "-e
" enables colors so client->server and server->client are visually distinct.
I installed tcpflow by simply doing
sudo apt-get install tcpflow
Network usage top/htop on Linux
jnettop is another candidate.
edit: it only shows the streams, not the owner processes.
How can I get the current network interface throughput statistics on Linux/UNIX?
You can parse the output of ifconfig
Monitor TCP Traffic on specific port
edit: I'm still getting upvotes for this years later. Please don't go for this answer, the answer using iptables
here is far superior in my opinion.
tcpdump port 443 and '(tcp-syn|tcp-ack)!=0'
or only tcp-syn
, or only tcp-ack
(my guess would be that one), depending on what you need.
can we sniff some program's network traffic?
You have to either capture packets where you receive a duplicate from the NIC (pcap), or route requests through your own application so you can inspect the live packet flow (proxy-like).
For a WinPcap implementation in C#, take a look at SharpPcap. For a proxy, see here.
how to monitor the network on node.js similar to chrome/firefox developer tools?
I know it's not pretty, but you could always output the content of the response headers on the console inside your request call:
var req = https.request(options, function(res) {
console.log("statusCode: ", res.statusCode);
console.log("headers: ", res.headers);
res.on('data', function(d) {
process.stdout.write(d);
});
});
Your original question, however, was not about problems with the server side but rather a problem with the node code itself so this wouldn't be of much use here.
Related Topics
Does a Fully Qualified Domain Name Need a Period
How to Concatenate Svg Files Lengthwise from Linux Command Line
Embedded Linux Poll() Returns Constantly
How Limit Memory Usage for a Single Linux Process and Not Kill The Process
How to Join 2 CSV Files with a Shell Script
How to Dynamic Load The Library with Same Name But in Different Directory in Linux
Windows .Crl to .Pem for Nginx
How to Get Opencl Working on an Ati Radeon Card
What Is The Differences and Relationships Between "Process", "Threads", "Task" and "Jobs" in Linux
Installing a Fully Functional Postgis 2.0 on Ubuntu Linux Geos/Gdal Issues
How to Use Unicode in Aspell Dictionary
When Compiling Programs to Run Inside a Vm, What Should March and Mtune Be Set To
List of Synchronous and Asynchronous Linux/Posix Signals
Udp Server Giving Segmentation Fault
Why Sizeof(Spinlock_T) Is Greater Than Zero on Uni-Processor