How to monitor network bandwidth per user on Ubuntu server?
Solution 1
As root, you could at least measure the outgoing traffic on a per-user basis using the "owner" module of iptables. If all the users you want to monitor are in /root/list-of-users.txt, you can do:
for login in $(cat /root/list-of-users.txt);
do
iptables -N out_user_$login
iptables -A OUTPUT -m owner --uid-owner $(id -u $login) -j out_user_$login
done
And then the packet and byte counts for each user's outbound traffic are visible:
iptables -L OUTPUT -n -v | grep out_
This could be extended further with CONNMARK to track the inbound side too.
Solution 2
I just came across NetHogs:
NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process.
This ought to let you track bandwidth by username. Might still need another couple tools to log the info and add it all up, but it's a good start without directly using iptables.
Solution 3
You can use Cacti
Cacti is a complete frontend to RRDTool, it stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. Along with being able to maintain Graphs, Data Sources, and Round Robin Archives in a database, cacti handles the data gathering. There is also SNMP support for those used to creating traffic graphs with MRTG.
Or vnStat
vnStat is a console-based network traffic monitor for Linux and BSD that keeps a log of network traffic for the selected interface(s). It uses the network interface statistics provided by the kernel as information source. This means that vnStat won't actually be sniffing any traffic and also ensures light use of system resources.
Both of them are great.
Solution 4
I looked a bit, and I haven't found a comprehensive gui package that does what you want. Hopefully one exists and someone will post about it here eventually.
I'm not really a networking guy, but from what I've read, among many other things netstat and iptables are supposed to do for ip/host -based user accounting what the acct tools did for system process accounting. This cyberciti.biz link might set you on your way to developing a system with these tools:
http://www.cyberciti.biz/faq/linux-configuring-ip-traffic-accounting/
Related videos on Youtube
11 : 16
14 : 24
14 : 08
03 : 01
04 : 50
Anton
Updated on September 17, 2022Comments
-
Anton almost 2 years
I have few nested DIV elements. For example:
<div id='id1'><div id='id2'>content</div></div>I attach event to DIVs event handler using jQuery:
$('div').click(function () { //some code });There will be two events when user click on content. So there will be two simultaneous events. Is it possible to get inside event handler array of objects (DIVs) what have click event?
May be it is possible using other framework but jQuery?
-
John Feminella about 14 yearsYour question is a little vague. Are you asking how to get a list of all the elements in the DOM which have a click event handler attached?
-
Anurag about 14 yearsplease clarify your question. Do you want to attach event handlers to the innermost div only, or find out all divs that have a click handler attached?
-
Eric about 14 yearsSo you want to get an array of ALL the divs whose children are being clicked on?
-
Anton about 14 yearsWhen user click on inner DIV element two events fired (click event for first DIV and click for second DIV). I want get an array in this case [DIV1, DIV2].
-
user113716 about 14 years@Anton - My answer gives the array you want, although I used
e.stopPropagation()so it is only effective for the innermostdiv. You can remove that line if needed. -
Nick Craver about 14 years@Anton - You want to get this on the child or the parent, and should it only be children, those with the handler, or every element in the chain? It's a very ambiguous question :) -
Thomas Ward over 13 yearsis this even possible? It seems that, theoretically, it'd be more hassle than its worth, because you'd technically have to have each process using the internet identify who's running it, then figure out the combined bandwidth usage. Any specific reasons you're looking to monitor on a per-user basis apart from the shell users you have? Because with 300GB monthly in/out data, it seems unlikely you'll top that amount :/
-
djeikyb over 13 yearsIt must be possible, else how do ISPs cap bandwidth per user?
-
Pedram over 13 years@EvilPhoenix I want to monitor usage per user.300GB is not that much for a server with at least 20 users who use this server as a proxy server.
-
djeikyb over 13 yearsLooks like you have a great practical answer from Kees Cook, but if you're still looking for methods, I wonder if phrasing the question differently could help. I found this guide googling "how to limit user bandwidth on linux": faqs.org/docs/Linux-HOWTO/Bandwidth-Limiting-HOWTO.html
-
-
Pedram over 13 yearsThanks but I saw both of them already and it seems non of them provide per user monitoring.I want to monitor usage per user.
-
Pedram over 13 yearsThanks, but as you said they are used for ip-based user accounting.I have some shell user which may use the server in different locations, specially in a university department with the same ip address (behind a NAT).So I'm looking for a user-based accounting solution, If it's possible.
-
Pedram over 13 yearsThanks.It's great.I did this.But why can't I use the same method for INPUT?
-
Kees Cook over 13 yearsThe owner of the packet isn't known for incoming packets because from the kernel's perspective, it came from outside the machine. CONNMARK could be used to tie packets in TCP streams to their originator, etc, but I don't have a working example of this.
-
tanius about 6 yearsIt can also be started in the mode to sum up traffic:
sudo nethogs -v 3 eth0(or pressmrepeatedly after starting to cycle through modes). Combine withtmuxfor running persistently (even if yoursshsession crashes).
