Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Documentation Search

    jnetTcpdump

    Syntax

    jnetTcpdump [-c] [-I | -O] -i interface [-w filename] [-C size] [-f IPv4 address {src|dst|any}]

    Description

    Starts packet capture, using a copy of the packet from the JNET driver packet queuing module. Type Ctrl-C to stop the capture. Functionality is similar to the UNIX tcpdump utility. In contrast to tcpdump, which captures only Rx packets, you can use jnetTcpdump to capture Rx or Tx packets.

    You cannot use jnetTcpdump to read packet capture files. Instead, use tcpdump or a packet reader, such as Wireshark, to read the packet capture files.

    The jnetTcpdump utility is in the/usr/idp/device/utils/ directory.

    Note: The jnetTcpdump process is stopped automatically during a restart, reboot, or ACM configuration change.

    Options

    Table 1 describes the arguments and filter options for the jnetTcpdump command.

    Table 1: Command Reference: jnetTcpdump

    Arguments and Options

    Usage and Examples

    [-c]

    (Optional) Use with the -C and -w options. Specify -c to enable a packet file-generating system where packet capture contents is written to new files when the -C size limit is reached. After the limit is reached, the next packet capture content is written to filename.part1 until the -C size is reached, then into filename.part2, and so on, until you terminate the packet capture or exhaust the available space.

    [-I | -O]

    (Optional) Specify -I to capture Rx packets (packets received) or -O to capture Tx packets (packets transmitted). If you do not specify one of these options, the command captures both.

    -i interface

    Specify the interface on which to listen for packets. You can run jnetTcpdump on more than one interface simultaneously. You cannot start more than one jnetTcpdump process on the same interface.

    -w filename

    (Optional) Write the packet capture data to the specified file. If you do not specify an outfile, the capture is written to the terminal screen.

    -C size

    (Optional) Specify the maximum number of packets saved to the packet capture file.

    -f IPv4 address {src|dst|any}

    (Optional) specify one of the following filters:

    • src—Capture packets when the source address matches.
    • dst—Capture packets when the destination address matches.
    • any—Capture packets when either source or destination address matches.

    The following example filters on destination IP address.


    [root@localhost ~]# jnetTcpdump -i eth4 -f 4.0.0.4 dst
    jnetPassiveAttach done
    jnet tcpdump Started on eth4 for both Receive & Transmit side
    Filter enabled - Host:4.0.0.4 as dst
    0 50 56 a4 21 6c 0 50 56 a4 d 9 8 0 45 0 0 54 0 0 40 0 40 1 32 a3 4 0 0 3 4 0 0 4 8 0 55 8e 8e 4f 0 0
    ba 9f 3e 4d 21 32 f 0 8 9 a b c d e f 10 11 12 13 14 15
    0 50 56 a4 21 6c 0 50 56 a4 d 9 8 0 45 0 0 54 0 0 40 0 40 1 32 a3 4 0 0 3 4 0 0 4 8 0 97 88 8e 4f 0 1
    
    bb 9f 3e 4d de 36 f 0 8 9 a b c d e f 10 11 12 13 14 15
    Done...No of Packet Captured is 2
    No of Packets filtered-out 2
    

    Published: 2011-02-08