Skip to content

raboof/nethogs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

424 Commits

.github

.github

 
 

doc

doc

 
 

habitat

habitat

 
 

python

python

 
 

src

src

 
 

.cproject

.cproject

 
 

.gitignore

.gitignore

 
 

.project

.project

 
 

.travis.yml

.travis.yml

 
 

COPYING

COPYING

 
 

DESIGN

DESIGN

 
 

INSTALL

INSTALL

 
 

Makefile

Makefile

 
 

README.decpcap.txt

README.decpcap.txt

 
 

README.md

README.md

 
 

determineVersion.sh

determineVersion.sh

 
 

pyproject.toml

pyproject.toml

 
 

setup.py

setup.py

 
 

Repository files navigation

Nethogs

Build Status

Introduction

NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process.

screenshot

NetHogs does not rely on a special kernel module to be loaded. If there's suddenly a lot of network traffic, you can fire up NetHogs and immediately see which PID is causing this. This makes it easy to identify programs that have gone wild and are suddenly taking up your bandwidth.

Since NetHogs heavily relies on /proc, most features are only available on Linux. NetHogs can be built on Mac OS X and FreeBSD, but it will only show connections, not processes.

Status

Nethogs is a mature piece of software included in most Linux distributions.

Ideas for features, as well as open bugs, can be found on issues' label:enhancement.

Downloading

You can clone this repo or get a source release from https://github.com/raboof/nethogs/releases

Building from source

Nethogs depends on ncurses for the text-based interface and libpcap for user-level packet capture. So you need to install both development libraries before building nethogs.

Debian/Ubuntu

apt-get install build-essential libncurses5-dev libpcap-dev

Yum-based distro's

yum install gcc-c++ libpcap-devel.x86_64 libpcap.x86_64 "ncurses*"

Getting the source

The master branch is intended to be stable at all times:

git clone https://github.com/raboof/nethogs

Building

After that, simply

make
sudo ./src/nethogs

Installing

For all distributions
sudo make install
hash -r
sudo nethogs
On Debian
sudo apt-get install checkinstall
sudo checkinstall -D make install
sudo dpkg -i nethogs*.deb
On Arch Linux
sudo pacman -S nethogs

Upgrading

When upgrading (or downgrading), you can simply install the new version 'over' the old one.

Uninstalling

If you want to remove Nethogs from your system, you can:

sudo make uninstall

Running without root

In order to be run by a non-root user, nethogs needs the cap_net_admin and cap_net_raw capabilities; additionally, to read and display process names, cap_dac_read_search and cap_sys_ptrace capabilities are required. These can be set on the executable by using the setcap command, as follows:

sudo setcap "cap_net_admin,cap_net_raw,cap_dac_read_search,cap_sys_ptrace+pe" /usr/local/sbin/nethogs

Coding standards

We use the LLVM coding standards, with the exception that we do allow 'return' after 'else' if it makes the code more readable.

Note to contributors: feel free to request more exceptions and we'll list them here.

Not all code currently adheres to this standard. Pull requests fixing style are welcome, and do write new code in the proper style, but please do not mix style fixes and new functionality in one pull request.

When writing new code, at least run 'make format' to have clang-format fix some superficial style aspects.

libnethogs

Apart from the 'nethogs' tool, this codebase now also builds as a 'libnethogs' library. This is highly experimental, and we expect to break source and binary compatibility while we look for the right abstraction points. Packaging libnethogs as an independent package is currently discouraged, as the chance of different applications successfully using the same libnethogs are slim.

Build it with make libnethogs, install with make install_lib or make install_dev.

libnethogs is being used in https://github.com/mb-gh/gnethogs

links

Nethogs monitors traffic going to/from a machine, per process. Other tools rather monitor what kind of traffic travels to, from or through a machine, etcetera. I'll try to link to such tools here. By all means open an issue/PR if you know another:

  • nettop shows packet types, sorts by either size or number of packets.
  • ettercap is a network sniffer/interceptor/logger for ethernet
  • darkstat breaks down traffic by host, protocol, etc. Geared towards analysing traffic gathered over a longer period, rather than `live' viewing.
  • iftop shows network traffic by service and host
  • ifstat shows network traffic by interface in a vmstat/iostat-like manner
  • gnethogs GTK-based GUI (work-in-progress)
  • nethogs-qt Qt-based GUI
  • hogwatch A bandwidth monitor(per process) with graphs for desktop/web.
  • iptraf-ng is a console-based network monitoring program for Linux that displays information about IP traffic.
  • nettop (by Emanuele Oriani) is a simple process/network usage report for Linux.
  • iptstate is a top-like interface to your netfilter connection-tracking table.
  • flowtop is a top-like netfilter connection tracking tool.
  • BusyTasks is a Java-based app using top, iotop and nethogs as backend.
  • bandwhich is a terminal bandwidth utilization tool.
  • sniffer is a modern alternative network traffic sniffer.

License

Copyright 2004-2005, 2008, 2010-2012, 2015 Arnout Engelen arnouten@bzzt.net License: nethogs may be redistributed under the terms of the GPLv2 or any later version. See the COPYING file for the license text.

About

Linux 'net top' tool

Resources

Readme

License

GPL-2.0 license
Activity

Stars

3k stars

Watchers

63 watching

Forks

281 forks
Report repository

Releases 6

v0.8.7 Latest
Apr 4, 2022
+ 5 releases

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 48

+ 34 contributors

Languages