IPTraf's facilities can be placed in the background solely for logging. When running in the background, it doesn't display any output on the screen, and doesn't receive input from the keyboard, and drops you back to the shell.
Before starting a statistical facility in the background, configure IPTraf in the usual way (set filters, add TCP/UDP ports, etc).
Once that's done, exit all instances of IPTraf on the system, then invoke IPTraf from the command line with the parameter to start the facility you want, the timeout (-t) parameter if you wish, and the -B parameter to actually daemonize the program. For example, to run the IP traffic monitor in the background for all interfaces, issue the command
iptraf -i all -B
To run the detailed interface statistics on interface eth0 for 5 minutes in the background:
iptraf -d eth0 -t 5 -B
If the timeout parameter is not specified, the facility will run until the process receives a USR2 signal. To stop a facility in the background, do a
at the command line, and find the process id (pid) of the iptraf process you're looking for. Then send that process a USR2 signal with the kill command:
kill -USR2 pid
Since IPTraf cannot send error messages to the terminal, all messages are written to the file daemon.log in the IPTraf logging directory.
The -B parameter automatically enables logging regardless of its configured setting. The parameter is ignored if not used with one of the parameters to start a facility from the command line.
The log file can be specified with the -L command-line parameter. If this parameter is not specified, the default log file name for the facility will be used (see the descriptions of the facilities above for the default log name patterns). If you don't specify an path, the log file will be placed in /var/log/iptraf.
The logging interval for all facilities (except the IP traffic monitor) can also be overriden with the -I command-line parameter.