How to see traffic on a certain ip (there are multiple ips on the server)

Question

I am trying to see how to see the amount of traffic for each IP in Python in mbs so I can remove the IP address route in Linux and save my network from an attack when it occurs. but only ban the IP which is sending over 550 mbs. And also whitelist my main server's IP. I have public /29 ipv4 (8 ips) on my server, so im not talking about internal ips.

Answer 1

There are something better done in a particular language then other. In this case you are trying to see the network traffic on each of your interface which can be done better using the linux 'sysstat' package and sar tool.

$ sudo dnf install sysstat
$ sudo systemctl start sysstat.service 
$ sudo systemctl enable sysstat.service

Once the respective package is installed you can monitor the network activity using the sar tool as shown below.

$ sar -n DEV 5 10
Linux 5.15.13-200.fc35.x86_64 (fedser35)    27/01/22    _x86_64_    (8 CPU)

12:03:03 AM IST     IFACE   rxpck/s   txpck/s    rxkB/s    txkB/s   rxcmp/s   txcmp/s  rxmcst/s   %ifutil
12:03:08 AM IST        lo      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00
12:03:08 AM IST    enp1s0      0.80      0.40      0.07      0.05      0.00      0.00      0.00      0.00

My answer may not be relevant for python. But this is the best way you can get the information. Python can be used but these tools are native to the linux system and provide more robust information.