ConMon

ConMon is a command line utility that measures the traffic to and from an endpoint

View the Project on GitHub vr000m/ConMon

Synopsis


ConMon is a command line utility that measures the traffic to and from an endpoint. ConMon passively monitors the IP packets and classifies them to measure the bit rate for each of the classifiers. It is based on the Sniffer example in libpcap (tcpdump).

For more information, read the project README.md.

Current classifiers:

- [x] Total, TCP, UDP, local, external
- [x] Each is further classified as combined, inbound, outbound and background
- [x] Detect RTP/UDP (partial: if no hint is available on which port
  the RTP is received, there are still some false positives; see [v0.3.2])
- [x] STUN packets (partly: we can distinguish between STUN, DTLS, RTP/RTCP)
- [x] TURN relayed packets (See [v0.3.3]).
- [ ] IPv4 and IPv6
- [?] HTTP(S): port 80 and 443
- [ ] LEDBAT: e.g., BitTorrent
- [x] WebRTC (see above: we already detect RTP, STUN, TURN and DTLS, and in WebRTC flows all these packets are multiplexed on the same 5-tuple)

For possible fixes to false-positive RTP detection, see [v0.3.2] and [rtp-detection].

For parsing RTP packets on the TURN relay, see [v0.3.3].

A few sample results have been added to the Wiki (BitTorrent, Skype, Hangouts); the Netflix and Spotify plots are available here. A research paper that uses ConMon to monitor the performance of WebRTC congestion control is accessible here.

Contribute/Extend

If you want to parse a packet, look at got_packet(): it contains a switch statement on the protocol field. You can add your own code or function to parse the associated packet (see ParseUDPPacket()/ParseTCPPacket() in conmon.c).
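
As an added example (not ConMon's own code), this is the kind of UDP payload classifier such a parsing function could call to separate STUN, DTLS, TURN ChannelData and RTP/RTCP multiplexed on one 5-tuple. It uses the first-byte ranges of RFC 7983 plus header sanity checks; the enum and function names are hypothetical, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names for illustration; none of this is taken from conmon.c. */
enum payload_class { PC_UNKNOWN, PC_STUN, PC_DTLS, PC_TURN_CHANNEL, PC_RTP, PC_RTCP };

/* Classify one UDP payload by its first byte (RFC 7983 ranges), then
 * sanity-check the protocol header to cut down on false positives. */
enum payload_class classify_udp_payload(const uint8_t *b, size_t len)
{
    if (b == NULL || len < 4)
        return PC_UNKNOWN;
    size_t f16 = ((size_t)b[2] << 8) | b[3];  /* 16-bit length field at offset 2 */

    if (b[0] <= 3) {                          /* STUN: 20-byte header + attributes */
        if (len < 20 || (f16 & 3) != 0 || f16 + 20 > len)
            return PC_UNKNOWN;
        /* Magic cookie 0x2112A442 at offset 4 (RFC 5389). */
        return (b[4] == 0x21 && b[5] == 0x12 && b[6] == 0xA4 && b[7] == 0x42)
                   ? PC_STUN : PC_UNKNOWN;
    }
    if (b[0] >= 20 && b[0] <= 63) {
        /* Legacy 13-byte record header carries version 0xFExx; first bytes
         * 32-63 (DTLS 1.3 unified header) have no version field to check. */
        if (b[0] < 32 && (len < 13 || b[1] != 0xFE))
            return PC_UNKNOWN;
        return PC_DTLS;
    }
    if (b[0] >= 64 && b[0] <= 79)             /* TURN ChannelData: number, length, data */
        return (f16 + 4 <= len) ? PC_TURN_CHANNEL : PC_UNKNOWN;
    if (b[0] >= 128 && b[0] <= 191) {         /* RTP/RTCP, version 2 */
        if (len < 8)
            return PC_UNKNOWN;
        if (b[1] >= 192 && b[1] <= 223)       /* RTCP packet-type range (RFC 5761) */
            return PC_RTCP;
        return len >= 12 ? PC_RTP : PC_UNKNOWN;
    }
    return PC_UNKNOWN;
}

int main(void)
{
    /* Constructed sample: STUN Binding Request header, zero transaction ID. */
    uint8_t stun[20] = { 0x00, 0x01, 0x00, 0x00, 0x21, 0x12, 0xA4, 0x42 };
    printf("class=%d\n", classify_udp_payload(stun, sizeof stun));
    return 0;
}
```

The version-2 check alone matches a quarter of all possible first bytes, so on ports without a signalling hint an RTP verdict from this function is still a guess.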