Networking stunts

August 4, 2016 — July 17, 2020

computers are awful
computers are awful together

See also command lines it is tedious to remember for general unix/macOS/BSD commands.

Figure 1

1 Cheat sheets

Figure 2: Get this poster and much more from Julia Evans

2 Which process is bound to $PORT?

this one.

lsof -nP -i4TCP:$PORT | grep LISTEN # macOS High Sierra or later
lsof -nP -iTCP:$PORT | grep LISTEN  # other macos

For linux one could try this one.

netstat -pntl | grep $PORT # or
fuser -n tcp $PORT
Figure 3: Julia Evans’ new networking zine, send money
ss -tunap1

Archit Modi lists too many ways to find your IP address:

The following commands will get you the IP address list to find public IP addresses for your machine:

3 finding my address

  1. curl
  2. curl -4/-6
  3. curl
  4. curl
  5. curl
  6. dig +short
  7. host
  8. curl
  9. curl
  10. curl

The following commands will get you the private IP address of your interfaces:

  1. ifconfig -a
  2. ip addr (ip a)
  3. hostname -I | awk '{print $1}'
  4. ip route get | awk '{print $7}'
  5. (Fedora) Wifi-Settings→ click the setting icon next to the Wifi name that you are connected to → Ipv4 and Ipv6 both can be seen
  6. nmcli -p device show

4 Firewalls

See firewalls.

5 Stream to web


Seashells lets you pipe output from command-line programs to the web in real-time, even without installing any new software on your machine. You can use it to monitor long-running processes like experiments that print progress to the console. You can also use Seashells to share output with friends!

6 Finding bandwidth hogs

This is related to firewalls, which often monitor the traffic as well as purely directing it.

On macOS LittleSnitch, is once again the winner, by collecting statistics on various programs and how much internet they suck down.

On Linux, it’s less shiny but still feasible.

Barebones, use socket statistics, in watch mode:

watch -n1 sudo ss -ntp

See also pyroute which is some kind of ss clone in, presumably, python.

Things like ntop will give you an overview of which ports and servers and suchlike are consuming your bandwidth, i.e. at the protocol level. The presentation can be friendly, even. I couldn’t work out how to make it tell me which processes were making the connections but maybe the problem is me.

nethogs will tell you which processes are using data right now, but it won’t give you lovely graphs of data-versus-time etc. There are various GUIs, e.g. hogwatch (for web tech), gnethogs, nethogs-qt.

Fresh alternative: bandwhich

bandwhich sniffs a given network interface and records IP packet size, cross referencing it with the /proc filesystem on linux or lsof on MacOS. It is responsive to the terminal window size, displaying less info if there is no room for it. It will also attempt to resolve IPs to their host name in the background using reverse DNS on a best-effort basis.

7 Speed tests

Why are there so very very many of these? (Is it because it is an easy app to sell because it gamifies bandwidth?) Are any of them suspect? Are any of them good? How about the following two I chose pretty much randomly?

These seem reputable:

  • Netflix’s

I needed a command-line bandwidth test. speedtest and fast both seem good.

pip install speedtest-cli
npm install --global fast-cli

8 Bandwidth throttling

e.g. Not consuming all your bandwidth when you do that tether thing with your phone.

This is closely related to application firewalls, which manage traffic per process, but that is a lot more general, and also doesn’t usually include neat things like throttling.

8.1 macOS

The luxurious solution is to use the intuitive GUI to create rules in Little Snitch, or one of the other applicaiton firewalls. Go into Little Snitch and create a “profile” called “low bandwidth” which prevents e.g. your Droppantsbox or Ogle Drive or P3wncloud or other file syncing software from accessing the internet when you are in a “low bandwidth” situation. Remembering to switch to that profile, now…

8.2 Linux

Some different application firewall I s’pose? There is the elderly and quirky trickle which does application throttling but in a hairy way via dynamic library injection.

tc is more mainstream but works at the interface level and is not so obvious, although there are basic GUIs.