SYNOPSIS
tcptrack tcptrack [-dfhvp] [-r <seconds>] -i <interface>
[<filter expression>]
DESCRIPTION
tcptrack displays the status of TCP connections that it
sees on a given network interface. tcptrack monitors their
state and displays information such as state, source/des-
tination addresses and bandwidth usage in a sorted,
updated list very much like the top(1) command.
The filter expression is a standard pcap filter expression
(identical to the expressions used by tcpdump(8)) which
can be used to filter down the characteristics of TCP con-
nections that tcptrack will see. See tcpdump(8) for more
information about the syntax of this expression.
OPTIONS
-d Only track connections that were started after tcp
track was started. Do not try to detect existing
connections.
-f Enable fast average recalculation. TCPTrack will
calculate the average speeds of connections by
using a running average. TCPTrack will use more
memory and CPU time, but averages will seem closer
to real time and will be updated more than once per
second. The number of times per second that aver-
ages will be recalculated in fast mode is a com-
pile-time setting that defaults to 10 times per
second.
-h Display command line help
-i [interface]
Grab packets from the specified network interface.
-p Do not put the interface being sniffed into promis-
cuous mode.
-r [seconds]
Wait this many seconds before removing a closed
connection from the display. Defaults to 2 sec-
onds. See also the pause interactive command
(below).
-v Display tcptrack version
INTERACTIVE COMMANDS
The following keys may be pressed while tcptrack is run
ning to change runtime options:
p - Pause/unpause display. No new connections will be
added to the display, and all currently displayed connec-
tions will remain in the display.
q - Quit tcptrack.
s - Enable/disable sorting.
SEE ALSO
tcpdump(8), pcap(3),
http://www.rhythm.cx/~steve/devel/tcptrack
BUGS
Currently the interface is not very flexible. Display tim
ing settings (such as the refresh interval) can only be
changed by editing the source code (defs.h in particular).
See the TODO file included with the source distribution
for further bugs.
tcptrack(1)
Man(1) output converted with
man2html