
Hogwatch – a bandwidth monitor that shows per process network transfer - cujanovic
https://github.com/akshayKMR/hogwatch
======
sciurus
Under the hood, this is using nethogs. Here's how nethogs associates traffic
with a process:

On linux the file /proc/net/tcp lists all established TCP connections. It
includes the local and remote socket addresses and the inode number for the
local socket. Nethogs uses libpcap to sniff traffic and associate it with its
entry in /proc/net/tcp. It takes the inode from there and scans through
/proc/*/fd/ looking for the file descripter that has that inode to determine
which process has the socket open. Once it finds the process it adds it to a
table of inode to process id mappings so it doesn’t have to scan through /proc
again the second time a packet for that connection comes through.

------
akshayKMR
Hey, project author here. This is the first python package or project for that
matter I've built for my college assignment.

I am really overwhelmed by the response. However the project is still very
much unifinished.

Here are somethings that need to be fixed/added for eg.

-fix some bugs on frontend.(proper sort on listing/chart switching etc.)

-Kill nethogs process on exit // fails sometimes

-Store history for restarts.

-proper packaging.

-unit tests.

I'll add the above to the readme.md

First time on Hackernews/Github feed feels great though. Cheers.

------
aparadja
If you're on Mac and just want to monitor the connections that each process
makes (not the bandwidth), Radio Silence just got a built-in network monitor a
few weeks ago: [https://radiosilenceapp.com](https://radiosilenceapp.com)

Disclaimer: I'm the author

~~~
asendra
Nice, first time I hear about it and seems really nice. Good work.

If I only wanted to monitor network connections on my mac, and block/allow
them forever/for a limited time, is there any difference in functionality
between this and Little Snitcher?

------
TheAceOfHearts
On OS X I use Little Snitch. Unfortunately, it's not free.

I noticed in one of your screenshots you use LS as well, do they serve
different purposes or was it just a project for fun?

~~~
heywire
Somewhat on topic, anyone know of something like Little Snitch for Linux?

~~~
aroch
There's LeopardFire:
[https://github.com/themighty1/lpfw](https://github.com/themighty1/lpfw)

IIRC, it is the most recently active project. As far as I can tell, the whole
user-facing, interactive firewall program never really caught on in linux
land.

------
eps
On Windows: Sysinternals Process Explorer, already mentioned Glasswire and
NetBalancer and a bunch of other apps, almost all which aren't very good at
all. But Glasswire is very nice.

~~~
joenathan
Also from Windows 8 and up the built in task manager has per process network
usage along with disk usage. Makes it real easy to find bottlenecks or
resource hogs.

~~~
dylan604
Does this require Administrator rights to see this granularity? In my office
as a non-admin user, we have noticed that Task Manager seems really crippled.

~~~
Godel_unicode
You won't see other users processes, at least on my box however the detail is
there for yours. Probably possible for it to be crippled by group policy.

~~~
nitrogen
In previous versions of Windows, the task manager menus could be toggled by
double clicking an empty area in the window. You should also be able to select
additional columns to display in the options. Note: I haven't used the win8
taskmgr.

------
kalleboo
A quick alternative on Mac is "nettop" in the Terminal

------
hanief
Nice. I use Little Snitch myself. I also appreciate the clever naming. ;)

------
lsv1
The final build should have proper shebangs and I also noticed the CSS is a
little messy. I'll submit a pull request in a bit.

Otherwise I'll give it a shot.

------
jszymborski
I've been working on a similar python webserver + webview GUI from that used
in this repo, but aren't there security concerns of just opening it up to the
local network? Aren't you exposing your entire API to any app on the same
computer?

~~~
babhishek21
I don't think so. If you look at the code carefully, it's pretty much one way
traffic. Nothing of significance goes from Client/Webview to the server to get
executed.

I was however hoping for authorization based handshakes. Maybe he'll put it in
sometime.

On a side note: The project author doesn't sleep enough. He's a good friend.
And also it's Finals Week now. :P

------
gardano
Dammit, now I've gone down a Terry Pratchett black hole again. Thanks,
cujanovic.

------
yduuz
NetBalancer is a similar tool for Windows, with interesting functionality, but
not free [https://netbalancer.com](https://netbalancer.com)

~~~
lmz
Resource Monitor (resmon.exe) is built-in and will display per process up/down
network usage. It does not have per-process graphs AFAIK.

~~~
jhovgaard
It does, you just have to select them:
[http://i.imgur.com/begi54h.png](http://i.imgur.com/begi54h.png) (notice
orange lines)

------
SixSigma
cli version

[http://linux.die.net/man/8/netstat](http://linux.die.net/man/8/netstat)

similarly for disk

[http://linux.die.net/man/1/iotop](http://linux.die.net/man/1/iotop)

~~~
lsv1
I use nethogs myself but it's not being placed on repos/ppa lately :(
[http://askubuntu.com/questions/726601/nethogs-%E2%86%92-crea...](http://askubuntu.com/questions/726601/nethogs-%E2%86%92-creating-
socket-failed-while-establishing-local-ip-are-you-root)

~~~
bostik
My current tool of choice for on-demand console traffic monitoring is
tcptrack.[0] Uses libpcap so accepts the same filtering syntax as tcpdump.

It can be pretty CPU intensive, so I would recommend against running it on
production perimeter systems. Also, the 2 second default retention period is a
bit short.

But all in all very handy.

0:
[https://tracker.debian.org/pkg/tcptrack](https://tracker.debian.org/pkg/tcptrack)

~~~
lsv1
Thanks, I'll give this a try.

------
janee
would be nice to configure a central server to which to push data to and list
the machine name with each entry so you can monitor all machines on a network
and see who and what is hogging the bandwidth. Might give it a go

~~~
jlgaddis
At a network-level, other tools are often used (e.g. sflow, netflow, ipfix,
etc.).

------
jcoffland
etherape is another option on Linux.

