How can I display all network traffic of all hosts in my network? I can use a linux box of choice, can set eth0 to promiscuous mode and my router has all major protocols. I want to be able to tell which host causes which traffic from a central point within seconds. My ISP bandwidth is very low and some clients tend to eat it all. I want to find them quickly.
I know there are several monitoring solutions. I tried some of them. But it's too much effort to setup. I'm looking for a command line tool or a linux GUI tool, also for use in networks, where I cannot setup servers, but have to do such simple diagnostics.
And yes, there already are some answers here on SE. But most of them are a bit outdated and do recommend tools, which aren't under active development anymore.
A desired output would be something like this, at least:
23.23.23.23 <-- 192.168.1.20:443 - 0.12 MB/s
34.34.34.34 <-- 192.168.1.30:443 - 0.23 MB/s
192.168.1.10:587 --> 12.12.12.12 - 23.45 MB/s
192.168.1.40:80 --> 45.45.45.45 - 0.34 MB/s
...
So one can tell that 192.168.1.10 is eating most of the bandwidth at the moment.
tcpdumpand would then allow you to display all network traffic. You would have to be a bit more specific in what "a useful display of current connections" means – Torin Mar 02 '19 at 16:11tcpdump. I wish it would haveconntrack. So I have to do it from another host on its network via promiscuous mode, I guess. – awado Mar 03 '19 at 20:02