
Can I get some help on the tcpdump command specific to the user IP address..

I have been using this one for a while...


/nas/sbin/server_tcpdump server_2 -start fsn01 -w /root_vdm_1/mrrbwtrnuatfs1/trace-1 -host 10.103.101.81
/nas/sbin/server_tcpdump server_2 -start trk1 -w /dm2/tcpdump.cap
2. Monitor the process of the capture by using the following command:
/nas/sbin/server_tcpdump server_x -display
3. Stop the capture by using the following command:
/nas/sbin/server_tcpdump server_x -stop trk1
4. The Linux Control Station can be used to display the capture file, or it can be viewed in more detail with Wireshark, which is available free from www.wireshark.org.
To view the capture file using the Control Station, issue the following command as root:
/usr/sbin/tcpdump -r /nas/rootfs/slot_2/dm2/tcpdump.cap | more
https://support.emc.com/media43119

To enable the interface cge0 on server_2, type:


$ server_ifconfig server_2 cge0 up
CONDUCTING NETWORK TRACES ON DATAMOVER USING TCPDUMP: NAS 4.x +
Step 1.
Link server_mgr to server_tcpdump on CS:
# ln -s /nas/bin/server_mgr /nas/sbin/server_tcpdump
Step 2.
Start network capture:
# /nas/sbin/server_tcpdump server_2 -start ace0 -w /mnt01/tcpdump.log -max 1000 -s 1514 [-max: size in kb]
Or # /nas/sbin/server_tcpdump server_2 -start fsn0 -w /artwkgrp/artwkgrp/dmp.tst (NAS 5.4)
Or # /nas/sbin/server_tcpdump server_2 -start cge1 -w /fs_quota/tcpdump.log -max 1000 -s 1514
server_2 :
Packet capturing started.
Step 3. Monitor capture:
# /nas/sbin/server_tcpdump server_2 -display
server_2 :
Packet capturing OK on device: cge1 , to file: /fs_quota/tcpdump.log-1
pckts captured: 38 filtered out: 0 dropped: 0
Step 4. Stopping the capture:
# /nas/sbin/server_tcpdump server_2 -stop ace0
server_2 :
Packet capturing stopped.
Step 5. Review trace on CS or download and review using Ethereal, etc.:
# /usr/sbin/tcpdump -r /nasmcd/quota/slot_2/fs_quota/dump_nosnap.log -n | more
Switches: -display | -stop ace0 | -host [IP Address only, & don't abbreviate] | -s snaplen [packet size bytes]
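
A check for Step 3, as an added example that is not part of the original notes or of EMC's tooling: it reads the `-display` output and flags a capture that has dropped packets, since a trace with drops is an incomplete record. The field layout is assumed from the single sample output shown in Step 3; `capture_status` and `sample_display` are hypothetical names.

```shell
#!/bin/sh
# Added example. Field layout is an assumption taken from the one
# "-display" sample on this page; adjust if your NAS release differs.

# sample_display: the Step 3 output copied from this page, for offline use.
sample_display() {
    cat <<'EOF'
server_2 :
Packet capturing OK on device: cge1 , to file: /fs_quota/tcpdump.log-1
pckts captured: 38 filtered out: 0 dropped: 0
EOF
}

# capture_status: reads "-display" output on stdin and prints one summary line.
# Returns 0 = capture healthy, 1 = packets dropped, 2 = no capture reported.
capture_status() {
    awk '
        /Packet capturing OK on device:/ {
            ok = 1
            for (i = 1; i < NF; i++) {
                if ($i == "device:") dev  = $(i + 1)
                if ($i == "file:")   file = $(i + 1)
            }
        }
        /pckts captured:/ {
            for (i = 1; i < NF; i++) {
                if ($i == "captured:") cap  = $(i + 1)
                if ($i == "out:")      filt = $(i + 1)
                if ($i == "dropped:")  drop = $(i + 1)
            }
        }
        END {
            if (!ok) { print "no active capture reported"; exit 2 }
            printf "device=%s file=%s captured=%d filtered=%d dropped=%d\n",
                   dev, file, cap, filt, drop
            exit (drop + 0 > 0 ? 1 : 0)
        }'
}

# On the Control Station the input would come from the real command:
#   /nas/sbin/server_tcpdump server_2 -display | capture_status
sample_display | capture_status
```

A return code of 1 means the trace has gaps and should be re-taken before it is relied on for analysis.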

Note 1:
Try to use -s 1514 whenever possible to prevent truncation of SMB packets
Note 2:
$ /nas/sbin/server_tcpdump server_2 -start cge5 -w /tmp/dmp.out [Cannot use tcpdump from DM to write to Control Station]
PacketCapture: failed to initialize asynclog object
Engineering Facility to Run TCPDUMP:
$ .server_config server_2 -v netcap action=start device=ace0 filename=/dump/dump.log [root of DM]
$ .server_config server_2 -v netcap action=display
$ /nas/sbin/server_tcpdump server_2 -display [Info regarding current tcpdump]
$ .server_config server_2 -v netcap action=stop device=ace0
$ /usr/sbin/tcpdump -r /nas/rootfs/slot_2/dump/dump.log -n [Reading the capture from Control Station?]
Note: TCPDUMP requires the following passwd file entry in /etc/shadow [/etc/passwd] in order to start up:
pcap:!!:12475:0:99999:7:::
LINUX CONTROL STATION TCPDUMP:
Step 1. #/usr/sbin/tcpdump -s 2000 -w /tmp/dump1 host 192.1.5.44 and 192.1.5.23
Step 2. Starts capture between the two nodes; Use ctrl + c to stop capture
Step 3. Display Capture: #/usr/sbin/tcpdump -vvex -r /tmp/dump1 |more
