Packet Capture
(2013-07-18)
Show information of packets seen on an interface:
# diag sniffer packet internal none 4 3
internal in 192.168.0.1.22 -> 192.168.0.30.1144: psh 2859918764 ack 1949135261
internal in 192.168.0.1.22 -> 192.168.0.30.1144: psh 2859918816 ack 1949135261
internal out 192.168.0.30.1144 -> 192.168.0.1.22: ack 2859918884
In this example:
- none is the filter
- 4 means show verbose level 4
- 3 means show 3 packets then stop
Verbose levels: usually you want level 3 or level 4. Level three shows you a hex dump of the packet, good for looking for mac addresses or whatever. If you just want to see the IP/TCP information, level 4 is sufficient.
Other examples:
# diag sniffer packet internal1 "host 10.10.0.1" 4 150
# diag sniffer packet internal1 "src host 10.10.0.1" 4 150
# diag sniffer packet internal1 "src host 10.10.0.1 dst host 10.20.0.1" 4 150