Tracking TCP Connections with Tcptrack
2013-03-20 21:49:47 阿炯

Tcptrack is a small tool for quickly monitoring a server's network connections and bandwidth usage, with an interface that refreshes in real time.

1. Installation
Install the tcptrack RPM package
# wget http://pkgs.repoforge.org/tcptrack/tcptrack-1.4.0-1.el5.rf.x86_64.rpm
# rpm -ivh tcptrack-1.4.0-1.el5.rf.x86_64.rpm

Install from source
# tar zxvf tcptrack-1.4.0.tar.gz
# cd tcptrack-1.4.0
# ./configure && make && make install

2. Usage reference
Run 'tcptrack -h' to list the help menu:

Usage: tcptrack [-dfhvp] [-r <seconds>] -i <interface> [<filter expression>]

Tcptrack can monitor only one NIC at a time, and -i is the only parameter it needs to run. For example, on a host with two NICs (eth0 and eth1):
# tcptrack -i eth0

Tcptrack can also take a pcap filter expression as an argument. The format of this filter expression is the same as that of tcpdump(8) and other libpcap-based sniffers. The following example will only show connections to or from host 68.36.12.34.

# tcptrack -i eth0 src or dst 68.36.12.34

To monitor specific ports (e.g. port 80 and port 22):

# tcptrack -i eth0 port 80
# tcptrack -i eth0 port 22
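
The port and host filters above can be combined into one expression. The following is an added example, not from the original page: the helper names build_filter and is_ipv4 are hypothetical, and it assumes tcptrack accepts the filter as a single quoted argument the way tcpdump does. It validates its input before building the expression, so a port or host list taken from a script or ticket cannot carry extra filter or shell syntax.

```shell
#!/bin/sh
# Added example (not from the original page): build a validated pcap filter
# expression for tcptrack from comma-separated ports and IPv4 addresses.

# is_ipv4 ADDR: succeed only for four dot-separated octets in 0..255.
is_ipv4() {
    case $1 in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    set -- $(printf '%s' "$1" | tr '.' ' ')
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# build_filter PORTS HOSTS: print the filter, or return 1 on invalid input.
build_filter() {
    pexpr='' hexpr=''
    # Reject anything but digits, dots and commas before word-splitting, so
    # shell or pcap syntax cannot be smuggled in through either list.
    case $1 in *[!0-9,]*) return 1 ;; esac
    case $2 in *[!0-9.,]*) return 1 ;; esac
    for p in $(printf '%s' "$1" | tr ',' ' '); do
        case $p in ??????*) return 1 ;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 1
        pexpr="${pexpr:+$pexpr or }port $p"
    done
    for h in $(printf '%s' "$2" | tr ',' ' '); do
        is_ipv4 "$h" || return 1
        hexpr="${hexpr:+$hexpr or }host $h"
    done
    # pcap gives "and" and "or" equal precedence, so group each list.
    if [ -n "$pexpr" ] && [ -n "$hexpr" ]; then
        printf '(%s) and (%s)\n' "$pexpr" "$hexpr"
    else
        printf '%s\n' "$pexpr$hexpr"
    fi
}

# Constructed sample input: the ports and host used on this page.
filter=$(build_filter "80,22" "68.36.12.34") || exit 1
# Print the command instead of running it (tcptrack needs root and a NIC).
printf "tcptrack -i eth0 '%s'\n" "$filter"
```

The single quotes in the printed command keep the shell from interpreting the parentheses.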

Tcptrack is a little resource intensive; try the -f option for fast average recalculation under less resource usage.