Author Archive norbertk

Infiniband Switch upgrades

 

To
From
1.0.x
1.1.x
1.3.x
2.0.x
2.1.2 – 2.1.6
2.1.7 – 2.1.9
1.0.x
Upgrade or Downgrade
Upgrade or Downgrade
1.1.x
Upgrade or Downgrade
Upgrade or Downgrade
Upgrade or Downgrade
1.3.x
Upgrade or Downgrade
Upgrade or Downgrade
Upgrade or Downgrade
Upgrade or Downgrade
  • Upgrade
  • Downgrade to 2.1.6 first
2.0.x
Upgrade or Downgrade
Upgrade or Downgrade
Upgrade or Downgrade
  • Upgrade
  • Downgrade to 2.1.6 first
2.1.2 – 2.1.6
Upgrade or Downgrade
Upgrade or Downgrade
Upgrade or Downgrade
  • Upgrade
  • Downgrade to 2.1.6 first
2.1.7 – 2.1.9
  • Upgrade
  • Downgrade to 2.1.6 first
  • Upgrade
  • Downgrade to 2.1.6 first
  • Upgrade
  • Downgrade to 2.1.6 first
Upgrade or Downgrade

For example, upgrading from firmware version 1.1.2 to 1.3.5 is supported. However, upgrading from firmware version 1.1.2 to 2.1.5 is not. You must first upgrade from firmware version 1.1.2 to 1.3.x, and from firmware version 1.3.x to 2.1.5.

Similarly, downgrading from firmware version 2.1.6 to 2.0.7 is supported. However, downgrading from firmware version 2.1.9 to 2.0.7 is not. You must first downgrade from firmware version 2.1.9 to 2.1.6 using the downgrade version of firmware 2.1.6. Then you can downgrade from 2.1.6 to 2.0.7.


Note –  See Firmware Update Guidelines about upgrading and downgrading firmware.

Upgrade the Switch Firmware (CLI)


Note –  Before upgrading or downgrading the switch firmware, read Firmware Update Guidelines.



Note –  If you are going to downgrade the firmware to a version earlier than 2.1, you must disable secret M_Keys. Refer to the Sun Datacenter InfiniBand Switch 36 Administration Guide for Firmware Version 2.1 for instructions on disabling secret M_Key functionality.



Note –  If you are going to downgrade the firmware to a version earlier than 2.0, you must remove user partitions and depopulate the Subnet Manager nodes list. Refer to the Sun Datacenter InfiniBand Switch 36 Administration Guide for Firmware Version 2.1 for instructions on removing partitions for a firmware downgrade.


    1. Consider your first step:
      • If you are upgrading or downgrading from firmware version 2.0 or newer, go to Step 2.
      • If you are upgrading or downgrading from a firmware version earlier than 2.0, go to Step 5.

    1. Open an SSH session as user ilom-admin and connect to the management controller by specifying the controller’s host name.For example:
      % ssh -l ilom-admin switch_name
      ilom-admin@switch_name's password: password
      ->

      where switch_name is the host name of the management controller. Initially, the password is ilom-admin.

    1. If the Subnet Manager is running on the management controller, disable the Subnet Manager.
      -> show /SYS/Fabric_Mgmt
      NOTE: show on Fabric_Mgmt will launch a restricted Linux shell.
           User can execute switch diagnosis, SM Configuration and IB
           monitoring commands in the shell. To view the list of commands,
           use "help" at rsh prompt.
      
           Use exit command at rsh prompt to revert back to
           ILOM shell.
      
      FabMan@switch_name->disablesm
      Stopping partitiond-daemon.                                [  OK  ]
      Stopping IB Subnet Manager..                               [  OK  ]
      FabMan@switch_name->exit
      exit
      ->

    1. Go to Step 11.

    1. Open an SSH session as user root and connect to the management controller by specifying the controller’s host name.
      % ssh -l root switch_name
      root@switch_name's password: password
      #

      where switch_name is the host name of the management controller. Initially, the password is changeme.

    1. If the Subnet Manager is running on the management controller, disable the Subnet Manager.
      # disablesm
      Stopping partitiond daemon.                                [  OK  ]
      Stopping IB Subnet Manager..                               [  OK  ]
      #

    1. Verify that there is at least 80 MB available in the / filesystem.
      # df -h /
      Filesystem            Size   Used   Avail  Use%  Mounted on
      /dev/hda2             471M   276M   172M   62%   /
      #

      In this example, there are 172 MB available. If not enough space is available, you must delete or move files from the / filesystem.

    1. Verify that there is at least 120 MB available in the /tmp directory.
      # df -h /tmp
      Filesystem            Size   Used  Avail  Use%  Mounted on
      tmpfs                 250M   240K  249M   1%    /tmp
      #

      In this example, there are 249 MB available. If not enough space is available, you must delete files from the /tmp directory.

    1. Verify that there is at least 120 MB free memory available.
      # free -m
                               total      used       free     shared    buffers    cached
      Mem:                     498        104        393      0         12         47
      -/+ buffers/cache:       45         453
      Swap:                    0          0          0
      #

      In the -/+ buffers/cache: row of the free column, there should be at least 120 MB free memory. In this example, there are 453 MB available. If not enough memory is available, you must exit nonessential applications that are running.

    1. Start the Oracle ILOM shell.
      # spsh
      Oracle(R) Integrated Lights Out Manager
      Version ILOM 3.0 r47111
      Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
      ->

      You are now in the Oracle ILOM shell.

      You can use the exit command to return to the Linux shell.

    1. Begin the upgrade process.
      -> load -source URI/pkgname

      where:

      • URI is the uniform resource indicator for the host where the switch firmware package is located. The FTP and HTTP protocols are supported. If you are upgrading from firmware 2.1.2-2 or newer, the TFTP protocol is also supported.
      • pkgname is the name of the firmware package in the transfer directory.

      For example, using the HTTP protocol:

      -> load -source http://123.45.67.89/tmp/sundcs_36p_repository_2.1.9_1.pkg
      Downloading firmware image. This will take a few minutes.

      Note –  If you are experiencing version number contention, you can use the –force option to disable version number checking, and force the upgrade.


      The firmware is downloaded. The upgrade begins. A caution is displayed and you are asked to commit to the upgrade.

      NOTE: Firmware upgrade will upgrade the SUN DCS 36p firmware. ILOM will enter a special mode to load
      new firmware. No other tasks should be performed in ILOM until the firmware upgrade is complete.
      
      Subnet manager is running on the switch. Proceeding with installation will stop it.
      Are you sure you want to load the specified file (y/n)?

    1. Answer y to the prompt to commit to the upgrade.The upgrade begins.
      Setting up environment for firmware upgrade. This will take few minutes.
      Subnet manager has been temporarily disabled on this switch so that firmware upgrade can go on. After the
      upgrade is done, please make sure that the SM is running again, using commands sminfo and enablesm.
      Starting SUN DCS 36p FW update
      ========================== 
      Performing operation: I4 A 
      ========================== 
      I4 A: I4 is already at the given version. 
      =========================== 
      Summary of Firmware update 
      =========================== 
      I4 status                :  FW UPDATE - SUCCESS 
      I4 update succeeded on   :  none 
      I4 already up-to-date on :  A 
      I4 update failed on      :  none 
      ========================================= 
      Performing operation: SUN DCS 36p firmware update 
      ========================================= 
      SUN DCS 36p fw upgrade from 2.1.6-2 to 2.1.9-1: 
      Upgrade started... 
      Upgrade completed. 
      INFO: SUN DCS 36p fw upgrade from 2.1.6-2 to 2.1.9-1 succeeded 
       
      Post-install checks started... 
      Post-install checks completed. 
      Firmware update is complete. 
      ILOM will be restarted and will take 2 minutes to come up. 
      You will need to reconnect to Integrated Lights Out Manager. 
       
      Stopping any already executing ILOM daemons 
      Starting event manager 
      Starting log manager 
      Starting ILOM IPMI stack 
      Started ILOM IPMI stack 
      Starting lumain 
      Starting luproxy 
      Starting ealertd 
      Starting web server 
      Starting SNMP 
      Terminated 
      #

    1. Exit the Oracle ILOM CLI shell.
      -> exit
      exit
      #

    1. Restart the switch to enable the new firmware.
      -> reset /SP
      Are you sure you want to reset /SP (y/n)? y
      Performing reset on /SP
      Broadcast message from root (Thu Mar 16 14:00:34 2017):
      The system is going down for reboot NOW! 
      -> Connection to switch_name closed by remote host.
      Connection to switch_name closed.

      Note –  The restart process takes between 4 to 5 minutes to complete. The Oracle ILOM stack requires at least 2 minutes to become operational after a reboot.


    1. If the Subnet Manager was previously disabled, log in as the root user and enable the Subnet Manager.
      % ssh -l root switch_name
      root@switch_name's password: password
      # enablesm
      Starting IB Subnet Manager.                                [  OK  ]
      Starting partitiond daemon.                                [  OK  ]
      #

    1. Verify the firmware version.
      # version
      SUN DCS 36p version: 2.1.9-1 
      Build time: Jan 12 2017 09:16:51
      SP board info:
      Manufacturing Date: 2013.08.13 
      Serial Number: "NCDA00732" 
      Hardware Revision: 0x0007 
      Firmware Revision: 0x0102
      BIOS version: SUN0R100 
      BIOS date: 06/22/2010#

      In the first line of the output is SUN DCS 36p version x.y.z-w, where x.y.zw is the version of the firmware upgraded (or downgraded). For example, 2.1.9-1.

  1. Verify the firmware integrity.
    # fwverify
    Checking all present packages:
    ........................................................................... OK
    Checking if any packages are missing:
    ........................................................................... OK
    Verifying installed files:
    ........................................................................... OK
    Checking FW Coreswitch:
     FW Version: 7.4.3002 OK 
     PSID: SUN_NM2-36p_004 OK 
     Verifying image integrity OK#

How to Install Latest Roundcube Webmail on CentOS 7

Top 10 Linux GUI tools that can make life much easier for a Linux administrator

Linux has become a know how, if you are a system administrator working in a larger environment. Security teams have been deployed by large organizations to keep an eye on vulnerabilities in their systems and take corrective or preventive action as suitable.

In the recent times, many organizations have migrated from Windows, where everything is regulated with a point-and-click GUI. Thankfully, Linux has plenty of GUI tools that can help you keep away from the command line. Linux-based security tools and distributions can be used for penetration testing, reverse engineering, forensics and so on.

Here’s a look at some of the good 10 GUI tools that can make your Linux sysadmin tasks simpler.

1. MySQL Workbench

MySQL Workbench is a visual database design tool that integrates SQLdevelopment, administration, database design, creation and maintenance into a single integrated development environment for the MySQL database system. MySQL Workbench is one of the best tools for working with MySQL databases. Besides managing databases, it also helps you design, develop, and administer MySQL databases. There is a new addition to the MySQL Workbench set of tools, which is the ability to easily migrate Microsoft Access, Microsoft SQL Server, PostgreSQL, Sybase ASE, and other RDBMS tables, objects, and data to MySQL, that alone makes MySQL Workbench worth using.

2. cPanel

cPanel is a Linux based web hosting control panel that provides a GUI and automation tools designed to simplify the process of hosting a web site. It allows you to configure sites, customers’ sites and services, and a lot more. You can also use this tool to configure/manage mail, apps, security, files, domains, apps, databases, logs and many more. However, the only flipside is that cPanel is not available for free. You need to pay to use cPanel.

3. Shorewall

Shorewall is an open source firewall tool for Linux that builds upon the Netfilter (iptables/ipchains) system built into the Linux kernel, making it easier to manage more complex configuration schemes by providing a higher level of abstraction for describing rules using text files. Shorewall is one of the best tops for the server. This security GUI allows you to configure gateways, traffic controlling, VPNs, blacklisting, and much more.

4. Webmin

Webmin is a web-based configuration tool for administering Linux servers. The recent versions can also be installed and run on Windows. Using this tool, you can configure operating system internals, such as users, disk quotas, services or configuration files, as well as modify and control open source apps, such as the Apache HTTP Server, PHP or MySQL. If the default installation does not include what you need, then a large number of third-party modules are available to take up the slack.

5. Apache Directory

Apache Directory is an open source project of the Apache Software Foundation. Though it is designed particularly for Apache Directory Server, it is the only solid GUI tool for managing any LDAP server. It is an Eclipse RCP application and can serve as your LDAP browser, ApacheDS configuration editor, schema editor, ACI editor, LDIF editor and more. The app also contains the latest ApacheDS, which means you can use it to create a DS server in no time.

6. YaST

YaST (Yet another Setup Tool) is a Linux operating system setup and configuration tool for enterprise-grade SUSE and openSUSE. With this all easy-to-use, attractive GUI, you can configure network, hardware, services and tune system security. By default, YaST is installed in all SUSE and openSUSE platforms.

7. Cockpit

Red Hat created Cockpit to make server administration easier. You can handle tasks like journal inspection, storage administration, multiple server monitoring, and starting/stopping services with this web-based GUI. Cockpit will run on Arch Linux, Red Hat Enterprise Linux, Fedora Server, Fedora Atomic, and CentOS Atomic.

8. CUPS

CUPS (an acronym for Common Unix Printing System) is a modular printing system for Unix-like computer operating systems which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer. It is also possible to enable remote administration and Kerberos authentication. The good part about the GUI is its built-in help system using which you can learn almost everything that you need to manage your print server.

9. Zenmap

Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. Scan results can be saved and viewed later. Even though you may not use this tool to directly administer your system, it will become invaluable in the quest for discovering network-related issues.

10. phpMyAdmin

phpMyAdmin is a free and open source tool written in PHP intended to handle the administration of MySQL with the use of a web browser. It can perform various tasks such as creating, modifying or deleting databases, tables, fields or rows; executing SQL statements; or managing users and permissions. You can create and manage MySQL databases with phpMyAdmin via a standard web browser. It means you can install phpMyAdmin on a headless Linux server and connect to it through any browser that has access to the machine.

The above GUI tools are taken in a random manner. If you are a SysAdmin working on Linux workstations, kindly put your favourite GUI in the comments section below.

mount and unmount iso images in linux

An ISO image or .iso (International Organization for Standardization) file is an archive file that contains a disk image called ISO 9660 file system format. Every ISO file have .ISO extension has defined format name taken from the ISO 9660 file system and specially used with CD/DVD Rom’s. In simple words an iso file is a disk image.

This article describes how to mount and unmount an ISO image on a Linux Operating system to access and list the content of files.

How to Mount an ISO Image

To mounting an ISO image on Linux (RedHatCentOSFedora or Ubuntu), you must be logged in as “root” user or switch to “sudo” and run the following commands from a terminal to create a mount point.

# mkdir /mnt/iso
OR
$ sudo mkdir /mnt/iso

Once you created mount point, use the “mount” command to mount an iso file called “Fedora-18-i386-DVD.iso“.

# mount -t iso9660 -o loop /home/norbertk/Fedora-18-i386-DVD.iso /mnt/iso/
OR
$ sudo mount -t iso9660 -o loop /home/norbertk/Fedora-18-i386-DVD.iso /mnt/iso/

After the ISO image mounted successfully, go the mounted directory at /mnt/iso and list the content of an ISO image. It will only mount in read-only mode, so none of the files can be modified.

# cd /mnt/iso
# ls -l

You will see the list of files of an ISO image, that we have mounted in the above command. For example, the directory listing of an Fedora-18-i386-DVD.iso image would look like this.

total 16
drwxrwsr-x  3 root 101737 2048 Jan 10 01:00 images
drwxrwsr-x  2 root 101737 2048 Jan 10 01:00 isolinux
drwxrwsr-x  2 root 101737 2048 Jan 10 01:00 LiveOS
drwxrwsr-x 28 root 101737 4096 Jan 10 00:38 Packages
drwxrwsr-x  2 root 101737 4096 Jan 10 00:43 repodata
-r--r--r--  1 root root   1538 Jan 10 01:00 TRANS.TBL

How to Unmount an ISO Image

Simply run the following command from the terminal either “root” or “sudo” to unmount an mounted ISO image.

# umount /mnt/iso
OR
$ sudo umount /mnt/iso
Where Options
  1. -t : This argument is used to indicate the given filesystem type.
  2. ISO 9660 : It describes standard and default filesystem structure to be used on CD/DVD ROMs.
  3. -o : Options are necessary with a -o argument followed by a separated comma string of options.
  4. loop: The loop device is a pseudo-device that often used for mounting CD/DVD ISO image and makes those files accessible as a block device.

Oracle Linux 7 version for the Raspberry pi

Some time ago the people from the Oracle Linux team have taken the time to build a Oracle Linux 7 version for the Raspberry pi. The Raspberry Pi is a series of small single-board computers developed in the United Kingdom by the Raspberry Pi Foundation to promote the teaching of basic computer science in schools and in developing countries. The original model became far more popular than anticipated, selling outside its target market for uses such as robotics. It does not include peripherals (such as keyboards, mice and cases).

The operating system you use will have to be placed on a single Micro SD card. Using a mac the below command was useful to place the downloaded Oracle Linux 7 distribution for the Raspberry Pi on the Micro SD card:

sudo dd bs=1m if=/var/tmp/rpi3-ol7.3-image.img of=/dev/disk2 conv=sync

If you face the issue of the below error, you most likely have mounted the SD card to your operating system. You will have to unmount it (via the disk utility app) and retry the command. Do note this could take some time to complete.

dd: /dev/disk2: Resource busy

A bit of care is needed when executing the command. If your Micro SD card is NOT mounted on /dev/disk2 you might run into the issue that you damage an existing other disk. Meaning, you need to check if /dev/disk2 is indeed the SD card in your case. Using a Mac you can use the below command to check your disks:

diskutil list

When your dd command is finished and you place the SD card in your Raspberry Pi and start it you should end up with a running Oracle Linux 7 operating system on your Raspberry Pi.

How to Install and Enable Bash Auto Completion in CentOS/RHEL

Crontab – Quick Reference

Setting up cron jobs in Unix, Solaris & Linux

cron is a unix, solaris, Linux utility that allows tasks to be automatically run in the background at regular intervals by the cron daemon. 

cron meaning – There is no definitive explanation but most accepted answers is reportdly from Ken Thompson ( author of unix cron ), name cron comes from chron ,the Greek prefix for ‘time.’.
What is cron ? – Cron is a daemon which runs at the times of system boot from /etc/init.d scripts. If needed it can be stopped/started/restart using init script or with command service crond start in Linux systems.

This document covers following aspects of Unix, Linux cron jobs to help you understand and implement cronjobs successfully

  1. What is crontab?
  2. What is a cron job or cron schedule?
  3. Crontab Restrictions
  4. Crontab Commands
  5. Crontab file – syntax
  6. Crontab Example
  7. Crontab Environment
  8. Disable Email
  9. Generate log file for crontab activity
  10. Crontab file location

1. What is crontab?

Crontab (CRON TABle) is a file which contains the schedule of cron entries to be run and at specified times. File location varies by operating systems, See Crontab file location at the end of this document.

2.What is a cron job or cron schedule?

Cron job or cron schedule is a specific set of execution instructions specifing day, time and command to execute. crontab can have multiple execution statments.

3. Crontab Restrictions

You can execute crontab if your name appears in the file /usr/lib/cron/cron.allow. If that file does not exist, you can use
crontab if your name does not appear in the file /usr/lib/cron/cron.deny.
If only cron.deny exists and is empty, all users can use crontab. If neither file exists, only the root user can use crontab. The allow/deny files consist of one user name per line.

4. Crontab Commands

export EDITOR=vi ;to specify a editor to open crontab file.

crontab -e    Edit crontab file, or create one if it doesn’t already exist.
crontab -l    crontab list of cronjobs , display crontab file contents.
crontab -r    Remove your crontab file.
crontab -v    Display the last time you edited your crontab file. (This option is only available on a few systems.)

5. Crontab file

Crontab syntax :
A crontab file has five fields for specifying day , date and time followed by the command to be run at that interval.

*     *     *   *    *        command to be executed
-     -     -   -    -
|     |     |   |    |
|     |     |   |    +----- day of week (0 - 6) (Sunday=0)
|     |     |   +------- month (1 - 12)
|     |     +--------- day of        month (1 - 31)
|     +----------- hour (0 - 23)
+------------- min (0 - 59)

* in the value field above means all legal values as in braces for that column.
The value column can have a * or a list of elements separated by commas. An element is either a number in the ranges shown above or two numbers in the range separated by a hyphen (meaning an inclusive range).
Notes
A. ) Repeat pattern like /2 for every 2 minutes or /10 for every 10 minutes is not supported by all operating systems. If you try to use it and crontab complains it is probably not supported.

B.) The specification of days can be made in two fields: month day and weekday. If both are specified in an entry, they are cumulative meaning both of the entries will get executed .

6. Crontab Examples

A line in crontab file like below removes the tmp files from /home/someuser/tmp each day at 6:30 PM.

30     18     *     *     *         rm /home/someuser/tmp/*

Changing the parameter values as below will cause this command to run at different time schedule below :

min hour day/month month day/week Execution time
30 0 1 1,6,12 * — 00:30 Hrs  on 1st of Jan, June & Dec.
0 20 * 10 1-5 –8.00 PM every weekday (Mon-Fri) only in Oct.
0 0 1,10,15 * * — midnight on 1st ,10th & 15th of month
5,10 0 10 * 1 — At 12.05,12.10 every Monday & on 10th of every month
:

Note : If you inadvertently enter the crontab command with no argument(s), do not attempt to get out with Control-d. This removes all entries in your crontab file. Instead, exit with Control-c.

7. Crontab Environment

cron invokes the command from the user’s HOME directory with the shell, (/usr/bin/sh).
cron supplies a default environment for every shell, defining:
HOME=user’s-home-directory
LOGNAME=user’s-login-id
PATH=/usr/bin:/usr/sbin:.
SHELL=/usr/bin/sh

Users who desire to have their .profile executed must explicitly do so in the crontab entry or in a script called by the entry.

8. Disable Email

By default cron jobs sends a email to the user account executing the cronjob. If this is not needed put the following command At the end of the cron job line .

>/dev/null 2>&1

9. Generate log file

To collect the cron execution execution log in a file :

30 18 * * * rm /home/someuser/tmp/* > /home/someuser/cronlogs/clean_tmp_dir.log

10. Crontab file location

User crontab files are stored by the login names in different locations in different Unix and Linux flavors. These files are useful for backing up, viewing and restoring but should be edited only with crontab command by the users.

  • Mac OS X
    /usr/lib/cron/tabs/
  • BSD Unix 
    /var/cron/tabs/
  • Solaris, HP-UX, Debian, Ubuntu
    /var/spool/cron/crontabs/
  • AIX, Red Hat Linux, CentOS, Ferdora
    /var/spool/cron/

Modify Ubuntu ens network interface card to eth0

  1. Display current interface cards and verify that eth0 doesnt exist:
    ifconfig -a
  2. Edit grub file configuration to disable new naming convention
    vim /etc/default/grub
  3. Look for GRUB_CMDLINE_LINUX= include the following net.ifnames=0 biosdevname=0″
    From:
    GRUB_CMDLINE_LINUX=””
    To
    GRUB_CMDLINE_LINUX=”net.ifnames=0 biosdevname=0″
  4. Save and exit the file
  5. Reload grub config file:
    update-grub
  6. Edit interfaces file
    vim /etc/network/interfaces
    From:
    # The primary network interface
    auto ens16
    iface ens16 inet dhcpTo:
    # The primary network interface
    auto eth0
    iface eth0 inet dhcp
  7. Reboot your machine/Restart networking service

3 Linux Network Monitors

Learn more about your network connections with the iftop, Nethogs, and vnstat tools.

You can learn an amazing amount of information about your network connections with these three glorious Linux networking commands. iftop tracks network connections by process number, Nethogs quickly reveals what is hogging your bandwidth, and vnstat runs as a nice lightweight daemon to record your usage over time.

iftop

The excellent iftop listens to the network interface that you specify, and displays connections in a top-style interface.

This is a great little tool for quickly identifying hogs, measuring speed, and also to maintain a running total of your network traffic.

If you have just one network interface, run iftop with no options. iftop requires root permissions:

$ sudo iftop

When you have more than one, specify the interface you want to monitor:

$ sudo iftop -i wlan0

Just like top, you can change the display options while it is running.

  • h toggles the help screen.
  • n toggles name resolution.
  • s toggles source host display, and d toggles the destination hosts.
  • s toggles port numbers.
  • N toggles port resolution; to see all port numbers toggle resolution off.
  • t toggles the text interface. The default display requires ncurses. I think the text display is more readable and better-organized (Figure 1).
  • p pauses the display.
  • q quits the program.

text display

Figure 1: The text display is readable and organized.
When you toggle the display options, iftop continues to measure all traffic. You can also select a single host to monitor. You need the host’s IP address and netmask. I was curious how much of a load Pandora put on my sad little meager bandwidth cap, so first I used dig to find their IP address:
$ dig A pandora.com
[...]
;; ANSWER SECTION:
pandora.com.            267     IN      A       208.85.40.20
pandora.com.            267     IN      A       208.85.40.50

 

$ sudo iftop -F 208.85.40.20/24 -i wlan0

Is that not seriously groovy? I was surprised to learn that Pandora is easy on my precious bits, using around 500Kb per hour. And, like most streaming services, Pandora’s traffic comes in spurts and relies on caching to smooth out the lumps and bumps.

You can do the same with IPv6 addresses, using the -G option. Consult the fine man page to learn the rest of iftop’s features, including customizing your default options with a personal configuration file, and applying custom filters (see PCAP-FILTER for a filter reference).

Nethogs

When you want to quickly learn who is sucking up your bandwidth, Nethogs is fast and easy. Run it as root and specify the interface to listen on. It displays the hoggy application and the process number, so that you may kill it if you so desire:

$ sudo nethogs wlan0

NetHogs version 0.8.1

PID USER   PROGRAM              DEV    SENT   RECEIVED       
7690 carla /usr/lib/firefox     wlan0 12.494 556.580 KB/sec
5648 carla .../chromium-browser wlan0  0.052   0.038 KB/sec
TOTAL                                 12.546 556.618 KB/sec 

Nethogs has few options: cycling between kb/s, kb, b, and mb, sorting by received or sent packets, and adjusting the delay between refreshes. See man nethogs, or run nethogs -h.

vnstat

vnstat is the easiest network data collector to use. It is lightweight and does not need root permissions. It runs as a daemon and records your network statistics over time. The vnstatcommand displays the accumulated data:

$ vnstat -i wlan0
Database updated: Tue Oct 17 08:36:38 2017

   wlan0 since 10/17/2017

          rx:  45.27 MiB      tx:  3.77 MiB      total:  49.04 MiB

   monthly
                     rx      |     tx      |    total    |   avg. rate
     ------------------------+-------------+-------------+---------------
       Oct '17     45.27 MiB |    3.77 MiB |   49.04 MiB |    0.28 kbit/s
     ------------------------+-------------+-------------+---------------
     estimated        85 MiB |       5 MiB |      90 MiB |

   daily
                     rx      |     tx      |    total    |   avg. rate
     ------------------------+-------------+-------------+---------------
         today     45.27 MiB |    3.77 MiB |   49.04 MiB |   12.96 kbit/s
     ------------------------+-------------+-------------+---------------
     estimated       125 MiB |       8 MiB |     133 MiB |

By default it displays all network interfaces. Use the -i option to select a single interface. Merge the data of multiple interfaces this way:

$ vnstat -i wlan0+eth0+eth1

You can filter the display in several ways:

  • -h displays statistics by hours.
  • -d displays statistics by days.
  • -w and -m displays statistics by weeks and months.
  • Watch live updates with the -l option.

This command deletes the database for wlan1 and stops watching it:

$ vnstat -i wlan1 --delete

This command creates an alias for a network interface. This example uses one of the weird interface names from Ubuntu 16.04:

$ vnstat -u -i enp0s25 --nick eth0

By default vnstat monitors eth0. You can change this in /etc/vnstat.conf, or create your own personal configuration file in your home directory. See man vnstat for a complete reference.

You can also install vnstati to create simple, colored graphs (Figure 2):

$ vnstati -s -i wlx7cdd90a0a1c2 -o vnstat.png

vnstati

Figure 2: You can create simple colored graphs with vnstati.

See man vnstati for complete options.