Man Linux: Main Page and Category List

NAME

       jnettop - View hosts/ports taking up the most network traffic

SYNOPSIS

       jnettop [options] [-i interface] [-d filename] [-f filename] [-x rule]

DESCRIPTION

       This  manual  page  documents  briefly the jnettop command. This manual
       page is OBSOLETE. Please use jnettop -h as a main source of information
       about usage.

       jnettop  captures  traffic  coming across the host it is running on and
       displays streams sorted by bandwidth they use. Result is a nice listing
       of  communication  on  network  by  host  and port, how many bytes went
       through this transport and the bandwidth it is consuming.

OPTIONS

       These programs follow the usual GNU  command  line  syntax,  with  long
       options  starting  with  two  dashes  (‘-’).   A  summary of options is
       included below.

       -h, --help
              Show summary of options.

       -v, --version
              Show version of program.

       -c, --content-filter
              disable content filtering

       -d, --debug filename
              write debug information into file

       -f, --config-file filename
              reads configuration from filename. defaults  to  ~/.jnettop.  an
              example can be found at /usr/share/doc/jnettop/dot.jnettop.

       -i, --interface name
              capture packets on specified interface

       --local-aggr [none|host|port|host+port]
              set local aggregation to specified value

       -n, --no-resolver
              disable resolving of ip addresses

       -p, --promiscuous
              enables promiscuous mode on the sniffed interface

       --remote-aggr [none|host|port|host+port]
              set remote aggregation to specified value

       -s, --select-rule name
              selects  one of the rules defined in .jnettop configuration file
              (by it’s name)

       -x, --filter rule
              allows for specification of custom filtering rule.  this  allows
              for tcpdump(1) style syntax. don’t forget to enclolse the filter
              into quotes when running from a shell.

CONFIGURATION

       Program looks for settings in the file specified by parameter -f, which
       defaults  to  ~/.jnettop.  Configuration  file is an ordinary text file
       with keywords and their arguments. You HAVE to enclose  arguments  into
       double quotes. Available keywords are:

       interface "<interface_name>"
              The  interface  keyword  specifies network interface on which to
              start listening. Example:

              interface "eth0"

       local_aggregation [none|host|port|host+port]
              The local_aggregation keyword  specifies  initial  active  local
              aggregation.  Valid  values are none, host, port, and host+port.
              Example:

              local_aggregation host

       promisc [on|off]
              The promisc keyword specifies, whether jnettop captures  packets
              in promiscuous mode. Example:

              promisc on

       remote_aggregation [none|host|port|host+port]
              The  remote_aggregation  keyword specifies initial active remote
              aggregation. Valid values are none, host, port,  and  host+port.
              Example:

              remote_aggregation port

       resolve [on|off]
              The resolve keyword specifies, whether resolving is performed on
              the IP addresses or not.

              resolve off

       resolve_rule "<network  address>"  "<network  mask>"  [normal|external]
       (<arguments> ...)
              The  resolve_rule  keyword  adds  one  resolver  into  list   of
              resolvers   for   specified  address.  When  resolving,  jnettop
              examines all the rules in the order how they were  specified  in
              configuration  file.  If  the  network address matches specified
              range, declared resolver is used. Resolver can be normal,  which
              means  the  standard  DNS  lookup  or  external,  which executes
              specified external program to perform  resolving.  This  can  be
              used  with  bundled jnettop-lookup-nmb script, which looks up IP
              addresses using nmblookup(1)  tool.  If  a  tool  returns  empty
              string  or  DNS  is not found, next rule is examined. If jnettop
              runs out of rules, than the standard DNS lookup is executed.

              resolve_rule "192.168.0.0" "255.255.255.0" normal
              resolve_rule     "192.168.0.0"     "255.255.255.0"      external
              "/usr/share/jnettop/jnettop-lookup-nbm"

       rule "<rule_name>" "<rule_definition>"
              The  rule  keyword  defines  a set of predefined tcpdump(1)-like
              filters to apply. You can specify various filters  as  "show  me
              what 192.168.1.32" sends:

              rule "show 192.168.1.32" "src 192.168.1.32"

       select_rule "<rule_name>"
              The  select_rule  keyword  specifies  initial  active predefined
              rule. The rule must be defined  before  this  keyword  is  used.
              Example:

              select_rule "show 192.168.1.32"

       variable "<variable_name>" "<variable_contents>"
              The  variable  keyword  introduces  a string variable for use in
              future  rule  definitions.  It  can  be  used  to  shorten  rule
              definitions. Example:

              variable   "intranet"   "net  192.168.0.0/16  or  10.0.0.0/8  or
              172.16.0.0/12"

       For more information, see README file or .jnettop example configuration
       file included in distribution.

AUTHOR

       This manual page was originally written by Ari Pollak <ari@debian.org>,
       for the Debian GNU/Linux system. Small changes were introduced by Jakub
       Skopal <j@kubs.cz>

                                 April 8, 2006