bionic (8) jnettop.8.gz

Provided by: jnettop_0.13.0-1ubuntu3_amd64 bug

NAME
       jnettop - View hosts/ports taking up the most network traffic


SYNOPSIS
       jnettop [options] [-i interface] [-d filename] [-f filename] [-x rule]


DESCRIPTION
       This  manual page documents briefly the jnettop command. This manual page is OBSOLETE. Please use jnettop
       -h as a main source of information about usage.

       jnettop captures traffic coming across the host it is running on and displays streams sorted by bandwidth
       they  use.  Result  is  a  nice listing of communication on network by host and port, how many bytes went
       through this transport and the bandwidth it is consuming.


OPTIONS
       These programs follow the usual GNU command line syntax, with  long  options  starting  with  two  dashes
       (`-').  A summary of options is included below.

       -h, --help
              Show summary of options.

       -v, --version
              Show version of program.

       -c, --content-filter
              disable content filtering

       -d, --debug filename
              write debug information into file

       -f, --config-file filename
              reads   configuration  from  filename.  defaults  to  ~/.jnettop.  an  example  can  be  found  at
              /usr/share/doc/jnettop/dot.jnettop.

       -i, --interface name
              capture packets on specified interface

       --local-aggr [none|host|port|host+port]
              set local aggregation to specified value

       -n, --no-resolver
              disable resolving of ip addresses

       -p, --promiscuous
              enables promiscuous mode on the sniffed interface

       --remote-aggr [none|host|port|host+port]
              set remote aggregation to specified value

       -s, --select-rule name
              selects one of the rules defined in .jnettop configuration file (by it's name)

       -x, --filter rule
              allows for specification of custom filtering rule. this allows for tcpdump(1) style syntax.  don't
              forget to enclolse the filter into quotes when running from a shell.


CONFIGURATION
       Program  looks  for  settings  in  the  file  specified  by  parameter  -f, which defaults to ~/.jnettop.
       Configuration file is an ordinary text file with keywords  and  their  arguments.  You  HAVE  to  enclose
       arguments into double quotes. Available keywords are:

       interface "<interface_name>"
              The interface keyword specifies network interface on which to start listening. Example:

              interface "eth0"

       local_aggregation [none|host|port|host+port]
              The  local_aggregation  keyword specifies initial active local aggregation. Valid values are none,
              host, port, and host+port. Example:

              local_aggregation host

       promisc [on|off]
              The promisc keyword specifies, whether jnettop captures packets in promiscuous mode. Example:

              promisc on

       remote_aggregation [none|host|port|host+port]
              The remote_aggregation keyword specifies initial active remote aggregation. Valid values are none,
              host, port, and host+port. Example:

              remote_aggregation port

       resolve [on|off]
              The resolve keyword specifies, whether resolving is performed on the IP addresses or not.

              resolve off

       resolve_rule "<network address>" "<network mask>" [normal|external] (<arguments> ...)
              The  resolve_rule  keyword  adds  one  resolver into list of resolvers for specified address. When
              resolving, jnettop examines all the rules in the order how they were  specified  in  configuration
              file.  If  the network address matches specified range, declared resolver is used. Resolver can be
              normal, which means the standard DNS lookup or external, which executes specified external program
              to  perform  resolving. This can be used with bundled jnettop-lookup-nmb script, which looks up IP
              addresses using nmblookup(1) tool. If a tool returns empty string or DNS is not found,  next  rule
              is examined. If jnettop runs out of rules, than the standard DNS lookup is executed.

              resolve_rule "192.168.0.0" "255.255.255.0" normal
              resolve_rule "192.168.0.0" "255.255.255.0" external "/usr/share/jnettop/jnettop-lookup-nbm"

       rule "<rule_name>" "<rule_definition>"
              The  rule  keyword  defines  a set of predefined tcpdump(1)-like filters to apply. You can specify
              various filters as "show me what 192.168.1.32" sends:

              rule "show 192.168.1.32" "src 192.168.1.32"

       select_rule "<rule_name>"
              The select_rule keyword specifies initial active predefined rule. The rule must be defined  before
              this keyword is used. Example:

              select_rule "show 192.168.1.32"

       variable "<variable_name>" "<variable_contents>"
              The  variable  keyword  introduces a string variable for use in future rule definitions. It can be
              used to shorten rule definitions. Example:

              variable "intranet" "net 192.168.0.0/16 or 10.0.0.0/8 or 172.16.0.0/12"

       For more information, see README file or .jnettop example configuration file included in distribution.


AUTHOR
       This manual page was originally written by Ari Pollak <ari@debian.org>, for the Debian GNU/Linux  system.
       Small changes were introduced by Jakub Skopal <j@kubs.cz>

                                                  April 8, 2006                                       JNETTOP(8)