Is there any software in Linux like TCPView in Windows

[klok]

This software should have the ability to monitor traffic generated by a program and can privde information about process, IP addresses of connection endpoints, sent and received bytes. The functions should like TCPView in Windows.

tcpdump cannot provide process information, lsof cannot provide all information metioned above. But if both could be bound into one, the requiremets could be met.

Can anybody give some information about this kind of softwares?

Thanks in advance!

[bigtomrodney]

You're probably looking for something like ethereal. It ships with a lot of distros and so might be on your install disks. If not it's easy enough to build.

[klok]

thanks to bigtomrodney.

As I know, most of current traffic monitor softwares use libpcap for capturing packets. They cannot provide process information.

I have ever installed ethereal in Windows (using winpcap), it seems that it cannot provide process information. TCPView in Windows can do so. Are you sure ethereal in Linux can provide all this information: process, IP addresses of connection endpoints, sent and received bytes?

[AlexK]

if you just want to read the tcp headers, then yes ethereal can do that windows or linux. (e.g. ip address of end points and packet size). I am not sure what you mean by processes though.

[klok]

if you just want to read the tcp headers, then yes ethereal can do that windows or linux. (e.g. ip address of end points and packet size). I am not sure what you mean by processes though.

Process information means which process or program in local host sends or receives how many bytes with remote endpoint (remoteIP : port).

Below is a screenshot from TCPView Pro

[AlexK]

No, ethereal doesn't provide the processes information, atleast no version which I have ever used does.

[klok]

Anybody knows, is there any this kind of software in Linux?

[mihaiv]

Try netactview. Like tcpview it is able to show process information.