yuuki/lstf

Stars
159
Rank 234,576 (Top 5 %)
Language
Go
License
MIT License
Created over 6 years ago
Updated over 3 years ago

yuuki/lstf

yuuki

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

The aggregated TCP flows printer in Linux

lstf

lstf prints host flows (aggregated network connection flows to the same source or destination ports) by Linux netlink and enables you to simply grasp the network relationship between localhost and other hosts.

friend: yuuki/lsconntrack

Features

Distinction of active open and passive open
Print also the number of connections of each flows (the absolute values are meaningless)
Go portability
JSON support
TCP support only

Installation

Download binary from GitHub Releases

https://github.com/yuuki/lstf/releases

How to use

HTTP requests --> Web:80 --> MySQL:3306

$ lstf -n
Local Address:Port   <-->   Peer Address:Port     Connections
10.0.1.9:many        -->    10.0.1.10:3306        22
10.0.1.9:many        -->    10.0.1.11:3306        14
10.0.2.10:22         <--    192.168.10.10:many    1
10.0.1.9:80          <--    10.0.2.13:many        120
10.0.1.9:80          <--    10.0.2.14:many        202

--> indicates active open
<-- indicates passive open

Sort flows by the number of connection.

$ lstf -n | sort -nrk4

JSON format

$ lstf --json | jq -r -M '.'
[
  {
    "direction": "active",
    "local": {
      "name"| "app01.local",
      "addr": "10.0.1.9",
      "port": "many"
    },
    "peer": {
      "name"| "db01.local",
      "addr": "10.0.100.1",
      "port": "3306"
    },
    "connections": 20
  },
  {
    "direction": "passive",
    "local": {
      "name"| "app01.local",
      "addr": "10.0.1.9",
      "port": "80"
    },
    "peer": {
      "name"| "web01.local",
      "addr": "10.0.200.1",
      "port": "many"
    },
    "connections": 27
  },
  ...
]

License

Author

droot

The super-simple chroot-based application container engine.

diamondb

[WIP] DiamonDB: Rebuild of time series database on AWS.

shawk

[PoC] A socket-based tracing system for discovering network service dependencies. (renamed from transtracer)

gokc

Yet Another Keepalived Syntax Checker in Golang.

lsconntrack

The Linux netfilter conntrack-based connection flows pretty printer.

yuuki-learned

What I learned.

go-conntracer-bpf

Go library using eBPF to trace network flow events

grabeni

Grabeni - An ops-friendly AWS Elastic Network Interface (ENI) attachment grabbing tool.

capze

A tool to make Capistrano-based directory structure

opstools

Tools for fast server operation

binrep

The static binary repository manager

syscall-study

Linux system calls study

xtsdb

[PoC] Xtsdb: A scalable time series database on two tiers of Redis and Cassandra.

Monitorel

A Web API providing server performance metrics graphs

dockerized-perl-app

How to dockerized perl web application

dotfiles

mftracer

[WIP] A CLI visualizer for distributed dependency graph by TCP port tracing

WebService-Qiita

Perl wrapper for Qiita API

perl-local-lib-path.vim

perl-local-lib-path is a helper for vim path

redis-cluster-tutorial

Playground for Redis cluster tutorial

cfstacker

A simple AWS CloudFormation stacks manager

mkr-check

A CLI to run check commands in mackerel-agent.conf.

dockerfiles

bootstrap

Bootstrap script for clean OS to feel better

ansible-operation-helper

paper-tex-en-boilerplate

The template for writing English paper in Tex.

albio

albio: A CLI tool to gracefully manage EC2 instances with ALB/NLB

yuuki

yuuki's GitHub profile

Coteng

Coteng - Lightweight Teng

p5-RRD-Rawish

A RRDtool wrapper with rawish interface in Perl

mackerel2route53

[WIP] Internal DNS on Route53 based on mackerel.io

isucon5-qualifier

はむちゃん

cookwares

connperf

Network connections generator in Go.

shawk-experiments

blog.yuuk.io

http://blog.yuuk.io

rlq

pgmonit

A web-based Postgres statistics monitor

unite-perl-module.vim

Perl module source for unite.vim

syntastic-local-lib-path.vim

A plugin for syntastic to add local lib path such as local/lib/perl5.