How to use iptraf (Monitor NIC Traffic In Real Time) command

How To Use Iptraf (Monitor NIC Traffic In Real Time) Command.

IPTRAF is a command-line utility that allows users to monitor real-time network traffic on a Linux server. It can be used to monitor various network statistics such as TCP/UDP traffic, network bandwidth utilization, and network packet counts. The tool can be used to troubleshoot network-related issues and provides a quick overview of network traffic.


How to install iptraf.

To install iptraf on a Linux system, you can use the package manager specific to your distribution. Below are examples for some popular package managers used in different Linux distributions:

  1. Debian/Ubuntu (apt package manager):

sudo apt update
sudo apt install iptraf
  1. Red Hat, CentOS, Fedora (yum package manager):

sudo yum install iptraf
  1. Arch Linux (pacman package manager):

sudo pacman -S iptraf-ng

Once the installation is complete, you can run iptraf from the terminal. Note that some distributions might have slightly different package names, but the above examples should work for most cases.



The following table lists the available options for the IPTRAF command:




Start IPTRAF in silent mode


Start IPTRAF in debug mode


Display help information


Display version information


How do I use iptraf command?

The syntax is:

iptraf [options]
iptraf -i interface_name_here
iptraf-ng -i interface_name_here

To start the IP traffic monitor for eno1 interface type the following command. Pass the -i all option for all interfaces:

# iptraf-ng -i eno1
# iptraf-ng -i eno1
# iptraf -i all


To start the general interface statistics, enter:

# iptraf -g
# iptraf-ng -g


To see the detailed statistics facility on an interface called eno1

# iptraf -d interface_name_here
# iptraf -d eno1
# iptraf-ng -d wlp4s0


To see the TCP and UDP monitor on an interface called eno1

# iptraf -z interface_name_here
# iptraf -s eno1
# iptraf-ng -s wlp4s0


To displays the packet size counts on an interface called eno1

# iptraf -z interface_name_here
# iptraf -z eno1
# iptraf-ng -z wlp4s0


Other options for iptraf-ng command

Here are other options for the program:

-l iface    - start the LAN station monitor ("-l all" for all LAN interfaces)
-B          - run in background (use only with one of the above parameters)
-t timeout  - when used with one of the above parameters, tells
              the facility to run only for the specified number of
              minutes (timeout)
-L logfile  - specifies an alternate log file for any direct invocation
              of a facility from the command line.  The log is placed in
              /var/log/iptraf if path is not specified.
-I interval - specifies the log interval for all facilities except the IP
              traffic monitor.  Value is in minutes.
-f          - clear all locks and counters.  Use with great caution.
              Normally used to recover from an abnormal termination.



IPtraf is a versatile network monitoring tool that offers valuable insights into network traffic and statistics. Its real-time capabilities make it a powerful ally for network administrators and enthusiasts seeking to understand, optimize, and troubleshoot their networks. By exploring the different sections of IPtraf and utilizing practical examples, you can harness the full potential of this useful tool and gain a deeper understanding of your network’s behavior.