Forum Discussion
Mayank_Shukla
Altostratus
Altostratustcpdump
Hi Can someone confirm me whether below tcpdump script syntax are error free for 11.5.x LTMs
tcpdump -envi 0.0:nnnp -s0 'host x.x.x.x and host y.y.y.y' -w /var/tmp/dc1.pcap
tcpdump -envi 0.0:nnnp -s0 '(host z.z.z.z or y.y.y.y or k.k.k.k or m.m.m.m) and (host h.h.h.h or i.i.i.i or s.s.s.s or t.t.t.t)' -w /var/tmp/dc2.pcap
Can I get more info or examples about the tcpdump command options on LTM ?
Check out this article on AskF5.com: K411: Overview of packet tracing with the tcpdump utility
devnullNZNimbostratus
You can also use dumpcap, which will save your capture in pcapng format. e.g. rotating capture, limited to 10 x 10M files dumpcap -i eth0 -s128 -b filesize:10000 -b files:10 -w /shared/tmp/capture.pcap -f "(host 10.1.1.2 and tcp port 80) or (host 10.1.1.10 and tcp port 443) or icmp"
