When looking at traffic flowing in and out of your gateway Linux boxes you can use a variety of tools.
tcpdump is handy
For example if I wanted to know what traffic is flowing from my ppp0 interface to a remote host without resolving the names I would say.
tcpdump -i ppp0 -n host 18.104.22.168
tcpdump would do what you wanted.
But what about a summary as to all connections both UDP and TCP currently active on your box?
IPTraf is a curses style program that can display a nice summary of what’s happening on the box at the moment. By what’s happening I mean source and destination traffic addresses. Protocols and TCP Port numbers.
IPTraf can be installed by
yum install iptraf or
apt-get intall iptraf depending on if you run a Redhatian or Debian based distro.
You need to be root to run it.
Heres a picture, Info has been blurred: