98b86c5a185ea2decfef97541052a393.png

Monitor Network Traffic per Process with Nethogs

Yesterday I wrote about using 3G on Raspberry Pi board,  and one of the commenter mentioned higher traffic than expected when connecting to 3G to just send a few bytes before disconnecting. One of the reasons are the extra data needed if you transmit data over a secure connection, for example establishing a PPP connection, connect to the board over SSH, and disconnect, results in the transmission & reception of a few kilobytes on my board:

But if you get much more traffic than that, you may want to investigate if another package may transfer data when it detects the connection is up. To analyze traffic, tcpdump and Wireshark are good options, especially if you want to look into the packets data, however such tools do not tell you which process is sending or receiving the data.

So I searched whether I could find a program that would do just that, and a thread on Ask Ubuntu discussing how to display network traffic in the terminal, mentions some interesting utilities like bmon, iftop, tcptrack, etc… which all show info about the connections, but the utility that does exactly what I I want is called nethogs. Installing it in Ubuntu/Debian is very easy.

Now run it as root, as you should get a list of processes that send and received data over a specific interface:

The full options can be found with -h:

Tweet Yesterday I wrote about using 3G on Raspberry Pi board,  and one of the commenter mentioned higher traffic than expected when connecting to 3G to just send a few…

Leave a Reply

Your email address will not be published. Required fields are marked *

*