When looking at traffic flowing in and out of your gateway Linux boxes you can use a variety of tools.
tcpdump is handy.
For example, if I wanted to know what traffic is flowing from my ppp0 interface to a remote host, without resolving the names, I would run:
tcpdump -i ppp0 -n host 123.123.123.11
tcpdump would do what you wanted.
But what about a summary as to all connections both UDP and TCP currently active on your box?
IPTraf is a curses-style program that can display a nice summary of what's happening on the box at the moment. By what's happening I mean source and destination traffic addresses, protocols and TCP port numbers.
IPTraf can be installed by yum install iptraf
or apt-get install iptraf
depending on whether you run a Redhatian or Debian based distro.
You need to be root to run it.
Here's a picture (info has been blurred): [IPTraf screenshot]
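For a quick per-flow tally without the curses interface, the text output of tcpdump -n can be counted with awk. This is an added example, not part of the original post; the function names and the sample capture lines are constructed for illustration.

```shell
#!/bin/sh
# summarize_flows: read `tcpdump -n` text lines on stdin and print one line
# per flow direction: packet count, protocol, source > destination.
# Busiest flows come first.
summarize_flows() {
    awk '
    $2 == "IP" && $4 == ">" {
        src = $3
        dst = $5
        sub(/:$/, "", dst)              # tcpdump ends the destination with ":"
        if ($0 ~ /Flags \[/)     proto = "tcp"    # TCP lines carry a Flags [..] field
        else if ($6 == "UDP,")   proto = "udp"    # undecoded UDP payloads
        else                     proto = "other"  # ICMP, decoded DNS, etc.
        count[proto " " src " > " dst]++
    }
    END {
        for (k in count) print count[k], k
    }' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample of `tcpdump -n` output so the script runs offline.
sample_capture() {
    cat <<'EOF'
12:00:01.000001 IP 10.0.0.5.51514 > 123.123.123.11.443: Flags [S], seq 100, win 64240, length 0
12:00:01.020002 IP 123.123.123.11.443 > 10.0.0.5.51514: Flags [S.], seq 900, ack 101, win 65160, length 0
12:00:01.020100 IP 10.0.0.5.51514 > 123.123.123.11.443: Flags [.], ack 1, win 502, length 0
12:00:02.000000 IP 10.0.0.5.40000 > 123.123.123.11.6000: UDP, length 32
12:00:02.500000 IP 10.0.0.5 > 123.123.123.11: ICMP echo request, id 1, seq 1, length 64
EOF
}

# Offline demonstration on the constructed sample.
sample_capture | summarize_flows

# On a live gateway (as root), capture a fixed number of packets and tally them:
#   tcpdump -i ppp0 -n -c 200 host 123.123.123.11 | summarize_flows
```

The tally is printed only once tcpdump exits, which is why the live command uses -c to stop after a fixed number of packets.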