How to see incoming IPs in Linux?

monitoring networking ip

I am wondering what is the command/utility to have a real-time view of incoming IPs to my server, ideally along with the port and connected.


Solution 1:

Use pktstat -n

interface: eth0
bps

   bps    % desc
 162.3   0% arp
 286.5   0% llc 802.1d -> 802.1d
 544.3   1% tcp 172.16.1.5:22 <-> 172.16.1.95:8074
 34.0k  87% udp 172.16.1.1:514 <-> 172.16.1.5:514
 350.1   0% udp 172.16.1.5:24330 <-> 209.18.47.62:53
 329.4   0% udp 172.16.1.5:34870 <-> 209.18.47.62:53
 388.3   0% udp 172.16.1.5:4470 <-> 209.18.47.62:53
 407.4   1% udp 172.16.1.5:47008 <-> 209.18.47.62:53
 741.6   1% udp 172.16.1.5:53 <-> 172.16.1.74:43289
 663.6   1% udp 172.16.1.5:53 <-> 172.16.1.74:44589
 647.7   1% udp 172.16.1.5:53 <-> 172.16.1.74:58223
 128.9   0% udp 172.16.1.74:5353 <-> 224.0.0.251:5353
 160.7   0% udp6 fe80::21c:bfff:fecf:a798,5353 <-> ff02::fb,5353

The pktstat source code is hosted on Debian's site, or you can get it from SourceArchive.com

Solution 2:

For 'purdy' display, I'm partial to a tool called 'iptraf' that will do just what you mention, as well as per interface, and per port aggregates.

For core Linux tools, trusty netstat will do the trick...

Related

SCP transfer only modified files
how to interrupt a stuck ssh connection
Why does it take tens of seconds to get a shell prompt?
To improve SQL performance, why not just put lots of RAM rather than having faster hard disks?
Cannot mount an existing EBS on AWS
In LDAP, what exactly IS a bind DN?
Copying Linux users and passwords to a new server
Using rsync's archive flag without copying symbolic links
How do you escape characters in heredoc?
For Loop counting from 1 to n in a windows bat script
Will everyone having Globally Accessible IP's in IPv6 be kind of a security nightmare? [duplicate]
Meaning of "mapped as" in context