iftop
is a console/shell-based program similar to top that can use the pcap library (also used by tcpdump and wireshark). It is available for Ubuntu from Universe.
sudo aptitude install iftop
sudo iftop
While running an upgrade on an ubuntu system:
With netstat, you can find out what process is connected to a particular port or IP. For ports, its a good idea to prefix with a colon.
sudo netstat -plantu | grep "some_port_number_or_ip_address"
For example, to look at open connections for ssh:
sudo netstat -plantu | grep :22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2376/sshd
tcp 0 0 10.13.37.122:22 10.13.37.105:59130 ESTABLISHED 4033/sshd: jtimberm
tcp6 0 0 :::22 :::* LISTEN 2376/sshd
You can also look for open port connections with lsof:
sudo lsof -i:22
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 2376 root 3u IPv4 5613 0t0 TCP *:ssh (LISTEN)
sshd 2376 root 4u IPv6 5615 0t0 TCP *:ssh (LISTEN)
sshd 4033 root 3u IPv4 11608 0t0 TCP 10.13.37.122:ssh->10.13.37.105:59130 (ESTABLISHED)
sshd 4086 jtimberman 3u IPv4 11608 0t0 TCP 10.13.37.122:ssh->10.13.37.105:59130 (ESTABLISHED)
You can get more information about the open files from lsof with -p PID.
sudo lsof -p 2376
(Lots of output from that suppressed)
this doesn't seem to have a batch mode. – Nicholas DiPiazza – 2016-06-28T06:44:40.830
very interesting! =D Fix my problem better than the combo iftop+netstat. Not that both are not good, they are awesome, but not for what I needed. =D – igorsantos07 – 2009-11-22T18:20:34.810