Forum Discussion
SSHSSH_97332
Nimbostratus
NimbostratusTCPDump on LTM
i need to check the below :
check if traffic from : src-ip=41.6.6.5 dst-port=80 is reaching my virtual-server-ip=193.161.1.1
what will be the command ?
check if ping tarffic from : src-ip = 41.6.6.5 , type = ICMP ping dst-ip= F5 self-ip , check if that ping is reaching my LTM
what will be the command ?
7 Replies
HamishCirrocumulus
1 tcpdump -e -i 0.0 -nn -p host 41.6.6.5 and host 193.161.1.1 and port 80
- Ignores whether the traffic is tcp/udp, but then you didn't specify either :)
2 tcpdump -e -i 0.0 -nn -p host 41.6.6.5 and host and icmp
- DOesn't bother checking the type. You could tie it down to icmp-echo in and icmp-echo-reply out, but unless you have issues with too much icmp, that filter will do fine.
Note I use
-e shows the ethernet MAC addresses in the output. And VLAN tagging as well if running 802.1Q
-i 0.0 listen on all interfaces.
-nn don't translate IP's or ports to names
-p don't run in promiscuous mode (Doesn't mean a lot here. Force of habit from my old days with SunOS 4.1 and AIX :)
-- promiscuous does mean a lot on solaris 10.x. You only get one-way traffic if you specify -p with snoop... But I digress..
H- nitass
Employee
2 tcpdump -e -i 0.0 -nn -p host 41.6.6.5 and host and icmp i guess Hamish wants you to add selfip after 2nd host.
tcpdump -e -i 0.0 -nn -p host 41.6.6.6 and host x.x.x.x and icmp
x.x.x.x is f5 selfip - HamishYeah. Sorry... I put angle brackets around the for f5-self-ip... Forgetting about the magic of auto-formatting :)
H - HamishYeah. Sorry... I put angle brackets around the for f5-self-ip... Forgetting about the magic of auto-formatting :)
H - HamishYeah. Sorry... I put angle brackets around the for f5-self-ip... Forgetting about the magic of auto-formatting :)
H - SSHSSH_97332Thanks Alotttt
Chris_Phillipshe's just referring to quirks of this forum software, you can ignore those remarks.
![\"F5](\"https://www.f5.com/content/dam/f5/f5-logo.svg\"){kind=logo}