Forum Discussion

SSHSSH_97332's avatar
SSHSSH_97332
Icon for Nimbostratus rankNimbostratus
Dec 20, 2011

TCPDump on LTM

  i need to check the below :     check if traffic from : src-ip=41.6.6.5 dst-port=80 is reaching my virtual-server-ip=193.161.1.1   what will be the command ?       check ...
config
design
Hamish's avatar
Hamish
Icon for Cirrocumulus rankCirrocumulus
Dec 20, 2011

 

1 tcpdump -e -i 0.0 -nn -p host 41.6.6.5 and host 193.161.1.1 and port 80

 

- Ignores whether the traffic is tcp/udp, but then you didn't specify either :)

 

 

2 tcpdump -e -i 0.0 -nn -p host 41.6.6.5 and host and icmp

 

- DOesn't bother checking the type. You could tie it down to icmp-echo in and icmp-echo-reply out, but unless you have issues with too much icmp, that filter will do fine.

 

 

 

Note I use

 

 

-e shows the ethernet MAC addresses in the output. And VLAN tagging as well if running 802.1Q

 

-i 0.0 listen on all interfaces.

 

-nn don't translate IP's or ports to names

 

-p don't run in promiscuous mode (Doesn't mean a lot here. Force of habit from my old days with SunOS 4.1 and AIX :)

 

-- promiscuous does mean a lot on solaris 10.x. You only get one-way traffic if you specify -p with snoop... But I digress..

 

 

 

H