SlideShare a Scribd company logo

Howto ethereal-wireshark-trace en

J
JORGE GOMEZ

captura de paquetes con wireshark

Engineering
1 of 9
Download to read offline
HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 1 of 9 HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format 29.08.2007, Dieter Müller, Presales Consultant With release 7.5 funkwerk devices support exporting trace information to a ethereal/wireshark readable format or directly to the ethereal program. This way a very detailed troubleshooting and packet analysis is possible also on links, which are difficult to trace with normal methods, e.g. a directly connected DSL line. Requirements The tracing in Ethereal / Wireshark format is implemented in all funkwerk R-Series (e.g. R232b / R3000), TR-Series (e.g. TR200) and W-Series (e.g. W1002) starting with software release 7.5. On the client side you can use either Windows or Linux platform for starting the trace. Windows platform: For tracing with Windows hosts you have to install the Brickware software package with minimum version 7.5 Linux platform: For tracing with Linux hosts you have to download “bricktrace-linux” binary from download website or FTP-server 1.) Installation 1a.) Windows platform Download and install the latest Brickware Tools from http://www.funkwerk-ec.com/dl_bintec_brickware_en.html You just have to install the DIME-Tools packets for the tracing. Install Ethereal/Wireshark from www.ethereal.com or www.wireshark.org. 1b.) Linux platform Download the binary “bricktrace-linux” from ftp.funkwerk-ec.com or http://www.funkwerk-ec.com/dl_bintec_unix_tools_de.html Install Ethereal/Wireshark for your Linux version from www.ethereal.com or www.wireshark.org, or use the version provided within your linux distribution. If necessary, update your funkwerk device with a software version 7.5 or higher.
HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 2 of 9 2.) Capturing Take care that you have a IP connectivity from your host to the funkwerk device, e.g. you can do a ping from your host to the funkwerk device over a LAN / WAN or VPN link. 2a.) Windows platform • Start the DIME Tools • Start “New Trace …” • Enter the IP address of the device and “Connect”
HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 3 of 9 • Enter the admin password of the device (default: funkwerk or bintec (only R3400/R3800) • Select the trace settings o Choose an interface (e.g. LAN Port 1001) or Ethernet-over-ATM (50001) o If you want to trace a isdn channel select the respective B- or D-channel o Select a Pcap File and filename
HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 4 of 9 • The trace is started and captures all packets until trace is stopped • For stopping the trace close the trace window or stop the DIME Tools
HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 5 of 9 • Open the stored pcap-File with Ethereal / Wireshark. • Ethereal has powerful filtering capabilites. For using them see http://www.ethereal.com/docs/ or http://www.wireshark.org/docs
HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 6 of 9 2b.) Linux platform The use of the linux version has two advantages in comparison to the windows version: Realtime Trace The output of the bricktrace-linux program can be directly send to ethereal. This means you can see the traced packets in realtime. With the windows version you first have to finish the trace and open the pcap trace files afterwards. Prefilter possibility The output of the bricktrace-linux can be filtered directly from the program itself. This is e.g. an advantage if the trace-session to the funkwerk device is running over a slow link, but a faster link should be traced (e.g. tracing a DSL connection over a ISDN management link). You can see the usage of the bricktrace-linux program with all its options with “bricktrace-linux -?”. user@linux:~/bricktrace-linux> bricktrace-linux -? Bintec/Funkwerk remote interface tracer ($Revision: 2.43 $) Usage: bricktrace-linux [opts] <routerip> [<channel> <unit> <slot> or <ifindex>] -h hexadecimal output (-! for full length) -2 layer 2 output -3 layer 3 output -a asynchronous HDLC (B-Channel only) -e ETS300075 (EuroFileTransfer) output (B-channel only) -F FAX (B-Channel only) -A FAX + AT Commands (B-Channel only) -D delta time -p PPP (B-Channel only) -f Frame Relay (B-Channel only) -i IP output -N Novell(c) IPX output -t ascii text output (B-Channel only) -x raw dump mode -X asynchronous PPP over X.75 -T <tei> set tei filter (D-Channel only) -c <cref> set callref filter (D-Channel only) -r <cnt> capture only cnt bytes per paket -v increase debug verbose level -V 1..3 trace protocol version (default: 3) -P<port> specify trace tcp port (default: 7000) -I ipsrc:ipdst:proto:srcport:dstport IPsession filter -B ip1:ip2:proto:port1:port2 bidirect IPsession filter -o OR for LAN filter --src=<addr> LAN filter for source MAC address --dst=<addr> LAN filter for destination MAC address --llc LAN filter for LLC packets --help extended help (environ vars & filter) --vpi=<vci> VPI for ADSL connections --vci=<vpi> VCI for ADSL connections --ethereal start ethereal (implies --pcap-pipe) --pcap-pipe write data in pcap-format into named pipe --pcap-file write data in pcap-format into file --ofile=<fname> out filename (pipe/file) --pwd=<passwd> remote admin-password
HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 7 of 9 <routerip> trace host (router's name or IP-address) <channel> 0 = D-Channel or no ISDN, 1..31 = Bx-Channel <unit> 0..15 <slot> 0..9 <ifindex> interface index (instead of chan/unit/slot) if no chan/unit/slot or ifindex given: list all interfaces Examples: bricktrace-linux router : list all interfaces bricktrace-linux router 0 1 2 : D-Channel(0) of ISDN Slot 2, Unit 1 bricktrace-linux router 1000 : LAN Interface 1000 (Slot 1) bricktrace-linux router 100001 : virtual IPsec interface 100001 bricktrace-linux --ethereal router 1000 : write PCAP & start ethereal bricktrace-linux --pcap-file router 1000 : write PCAP file user@linux:~/bricktrace-linux> For finding out the traceable interfaces of the device, use the command without “ifindex”. user@linux:~> bricktrace-linux --pwd funkwerk 192.168.1.1 bricktrace-linux: connected to 192.168.1.1:7000 Ifc: 1000 Type: 7 (LAN 802.3) Ifc: 5000 Type: 7 (LAN 802.3) Ifc: 2000 Type: 4 (WLAN) Ifc: 3000 Type: 3 (ATM) Ifc: 4000 Type: 0 (ISDN D-channel) Ifc: 50000 Type: 7 (LAN 802.3) Ifc: 200000 Type: 7 (LAN 802.3) end user@linux:~> For resolving the interface index values (Ifc) use the “ifstat” command on the telnet console to the router (not on the linux machine!) r232bw:> ifstat Index Descr Type Mtu Speed St Ipkts Ies Opkts Oes PhyAddr/ChgTime 000000 REFUSE othr 8192 0 up 0 0 0 0 0 00:00:00 000001 LOCAL othr 8192 0 up 0 0 0 0 0 00:00:00 000002 IGNORE othr 8192 0 up 0 0 0 0 0 00:00:00 001000 en1-0 eth 1500 100M up 1962248 0 3015 0 00:a0:f9:09:7d:f8 001001 en1-0-llc eth 1496 100M up 186 0 0 0 00:a0:f9:09:7d:f8 001002 en1-0-snap eth 1492 100M up 139 0 0 0 00:a0:f9:09:7d:f8 005000 en5-0 eth 1500 100M up 501 0 484 0 00:a0:f9:09:7d:f8 005001 en5-0-llc eth 1496 100M up 0 0 0 0 00:a0:f9:09:7d:f8 005002 en5-0-snap eth 1492 100M up 0 0 0 0 00:a0:f9:09:7d:f8 050000 ethoa50-0 eth 1500 10M dn 0 0 0 0 00:a0:f9:89:7d:f8 050001 ethoa50-0-ll eth 1496 10M dn 0 0 0 0 00:a0:f9:89:7d:f8 050002 ethoa50-0-sn eth 1492 10M dn 0 0 0 0 00:a0:f9:89:7d:f8 200000 vss1-0 eth 1500 54M dn 0 0 0 0 00:00:00:00:00:00 200001 vss1-0-llc eth 1496 54M dn 0 0 0 0 00:00:00:00:00:00 200002 vss1-0-snap eth 1492 54M dn 0 0 0 0 00:00:00:00:00:00 total: 15 r232bw:>
HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 8 of 9 For tracing a certain interface and directly show the trace in ASCII format on the your console add the interface index (also called <ifindex> or <ifc): user@linux:~> bricktrace-linux --pwd funkwerk 192.168.1.1 1000 bricktrace-linux: connected to 192.168.1.1:1000 Ifc:1000 (Chan:0 Unit:0 Slot:1) Type: 7 (LAN 802.3) 030095.193 R DATA[0060] 0000: ff ff ff ff ff ff 00 03 47 4d c5 45 08 06 00 01 ........GM.E.... 0010: 08 00 06 04 00 01 00 03 47 4d c5 45 c0 a8 01 64 ........GM.E...d 0020: 00 00 00 00 00 00 ...... Arp Request: Who is 192.168.1.1 ? Tell: 192.168.1.100 030095.193 X DATA[0042] 0000: 00 03 47 4d c5 45 00 a0 f9 09 7d f8 08 06 00 01 ..GM.E....}..... 0010: 08 00 06 04 00 02 00 a0 f9 09 7d f8 c0 a8 01 01 ..........}..... 0020: 00 03 47 4d c5 45 ..GM.E Arp Reply: 192.168.1.1 is 00:a0:f9:09:7d:f8 030095.193 R DATA[0098] 0000: 00 a0 f9 09 7d f8 00 03 47 4d c5 45 08 00 45 00 ....}...GM.E..E. 0010: 00 54 09 51 40 00 40 01 ad a2 c0 a8 01 64 c0 a8 .T.Q@.@......d.. 0020: 01 01 08 00 d0 da ...... IP-Packet from 192.168.1.100 to 192.168.1.1 protocol ICMP ICMP-Message , type echo request 030095.193 X DATA[0098] 0000: 00 03 47 4d c5 45 00 a0 f9 09 7d f8 08 00 45 00 ..GM.E....}...E. 0010: 00 54 0b 18 40 00 3f 01 ac db c0 a8 01 01 c0 a8 .T..@.?......... 0020: 01 64 00 00 d8 da .d.... IP-Packet from 192.168.1.1 to 192.168.1.100 protocol ICMP ICMP-Message , type echo reply user@linux:~> For filtering the trace-output use the options “-I” and “-B”. The syntax is: -I ipsrc:ipdst:proto:srcport:dstport IPsession filter -B ip1:ip2:proto:port1:port2 bidirect IPsession filter Example: Tracing only ICMP packets (IP protocol 1): bricktrace-linux --pwd funkwerk -I ::1 192.168.1.1 1000 Example: Tracing only telnet packets (TCP (IP protocol 6), Port 23) bricktrace-linux --pwd funkwerk -B ::6:23 192.168.1.1 1000 Example: Tracing only packets between two host IP addresses: bricktrace-linux --pwd funkwerk -B 192.168.1.1:192.168.1.100 192.168.1.1 1000
HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 9 of 9 Using Ethereal / Wireshark with bricktrace-linux For sending the trace to a ethereal/wireshark readable file, use the options “—pcap-file” and “-ofile=<filename>” bricktrace-linux --pwd funkwerk --pcap-file --ofile=testtrace.pcap 192.168.1.1 1000 Open the file with Ethereal / Wireshark. For sending the trace in realtime to ethereal/wireshark, use the options “—ethereal”. All output is piped to ethereal.

Recommended

Asa pixfwsm multicast tips and common problems
Asa pixfwsm multicast tips and common problemsAsa pixfwsm multicast tips and common problems
Asa pixfwsm multicast tips and common problemsIT Tech
 
Linux router
Linux routerLinux router
Linux routerMiguel E Arellano Quezada
 
Juniper JNCIA – Juniper RIP and OSPF Route Configuration
Juniper JNCIA – Juniper RIP and OSPF Route ConfigurationJuniper JNCIA – Juniper RIP and OSPF Route Configuration
Juniper JNCIA – Juniper RIP and OSPF Route ConfigurationHamed Moghaddam
 
Juniper JNCIA – Juniper OSPF Route Configuration
Juniper JNCIA – Juniper OSPF Route ConfigurationJuniper JNCIA – Juniper OSPF Route Configuration
Juniper JNCIA – Juniper OSPF Route ConfigurationHamed Moghaddam
 
Cisco CCNA GRE Tunnel Configuration
Cisco CCNA GRE Tunnel ConfigurationCisco CCNA GRE Tunnel Configuration
Cisco CCNA GRE Tunnel ConfigurationHamed Moghaddam
 
Networking Tutorial Goes to Basic PPP Configuration
Networking Tutorial Goes to Basic PPP ConfigurationNetworking Tutorial Goes to Basic PPP Configuration
Networking Tutorial Goes to Basic PPP Configuration3Anetwork com
 
CCNA - Routing & Switching Commands
CCNA - Routing & Switching CommandsCCNA - Routing & Switching Commands
CCNA - Routing & Switching CommandsEng. Emad Al-Atoum
 
Junos vs ios Troubleshooting comands
Junos vs ios Troubleshooting comands Junos vs ios Troubleshooting comands
Junos vs ios Troubleshooting comands sandeep kumar
 

Recommended

Asa pixfwsm multicast tips and common problems
Asa pixfwsm multicast tips and common problemsAsa pixfwsm multicast tips and common problems
Asa pixfwsm multicast tips and common problemsIT Tech
 
Linux router
Linux routerLinux router
Linux routerMiguel E Arellano Quezada
 
Juniper JNCIA – Juniper RIP and OSPF Route Configuration
Juniper JNCIA – Juniper RIP and OSPF Route ConfigurationJuniper JNCIA – Juniper RIP and OSPF Route Configuration
Juniper JNCIA – Juniper RIP and OSPF Route ConfigurationHamed Moghaddam
 
Juniper JNCIA – Juniper OSPF Route Configuration
Juniper JNCIA – Juniper OSPF Route ConfigurationJuniper JNCIA – Juniper OSPF Route Configuration
Juniper JNCIA – Juniper OSPF Route ConfigurationHamed Moghaddam
 
Cisco CCNA GRE Tunnel Configuration
Cisco CCNA GRE Tunnel ConfigurationCisco CCNA GRE Tunnel Configuration
Cisco CCNA GRE Tunnel ConfigurationHamed Moghaddam
 
Networking Tutorial Goes to Basic PPP Configuration
Networking Tutorial Goes to Basic PPP ConfigurationNetworking Tutorial Goes to Basic PPP Configuration
Networking Tutorial Goes to Basic PPP Configuration3Anetwork com
 
CCNA - Routing & Switching Commands
CCNA - Routing & Switching CommandsCCNA - Routing & Switching Commands
CCNA - Routing & Switching CommandsEng. Emad Al-Atoum
 
Junos vs ios Troubleshooting comands
Junos vs ios Troubleshooting comands Junos vs ios Troubleshooting comands
Junos vs ios Troubleshooting comands sandeep kumar
 
1
11
1saman kumara
 
Cisco CCNA IP SLA with tracking configuration
Cisco CCNA IP SLA with tracking configurationCisco CCNA IP SLA with tracking configuration
Cisco CCNA IP SLA with tracking configurationHamed Moghaddam
 
Cisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static ConfigurationCisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static ConfigurationHamed Moghaddam
 
Ip Access Lists
Ip Access ListsIp Access Lists
Ip Access ListsCCNAResources
 
Useful Linux commands
Useful Linux commandsUseful Linux commands
Useful Linux commandsSukanta Pradhan
 
Cisco switch commands cheat sheet
Cisco switch commands cheat sheetCisco switch commands cheat sheet
Cisco switch commands cheat sheet3Anetwork com
 
Lab 9 instructions
Lab 9 instructionsLab 9 instructions
Lab 9 instructionstrayyoo
 
IPv6 for Pentesters
IPv6 for PentestersIPv6 for Pentesters
IPv6 for Pentesterscamsec
 
Cisco CCNA OSPF IPV6 Configuration
Cisco CCNA OSPF IPV6 ConfigurationCisco CCNA OSPF IPV6 Configuration
Cisco CCNA OSPF IPV6 ConfigurationHamed Moghaddam
 
Ccna 2 chapter 11 v4.0 answers 2011
Ccna 2 chapter 11 v4.0 answers 2011Ccna 2 chapter 11 v4.0 answers 2011
Ccna 2 chapter 11 v4.0 answers 2011Dân Chơi
 
CIsco ACL- Network and host security
CIsco ACL- Network and host securityCIsco ACL- Network and host security
CIsco ACL- Network and host securityShiv Koppad
 
Ccna command
Ccna commandCcna command
Ccna commandSiddhartha Rajbhatt
 
Solucion acl examenes
Solucion acl examenesSolucion acl examenes
Solucion acl examenesLicenciatura en Redes y Sistemas Operativos
 
Cisco CCNA-Standard Access List
Cisco CCNA-Standard Access ListCisco CCNA-Standard Access List
Cisco CCNA-Standard Access ListHamed Moghaddam
 
Ipso vrrp troubleshooting
Ipso vrrp troubleshootingIpso vrrp troubleshooting
Ipso vrrp troubleshootingPavan Kumar
 
How to use mmdvm host wif main board
How to use mmdvm host wif main boardHow to use mmdvm host wif main board
How to use mmdvm host wif main boardAURELIO PY5BK
 
mpls-05
mpls-05mpls-05
mpls-05kj teoh
 
Lab 3.5.1 basic frame relay
Lab 3.5.1 basic frame relayLab 3.5.1 basic frame relay
Lab 3.5.1 basic frame relayManuel Garcia Meza
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2Kris Mofu
 
Ccnpswitch
CcnpswitchCcnpswitch
CcnpswitchSiddhartha Rajbhatt
 
Day2
Day2Day2
Day2Jai4uk
 
EDS-10/40G Ethernat Delay Simulator
EDS-10/40G Ethernat Delay SimulatorEDS-10/40G Ethernat Delay Simulator
EDS-10/40G Ethernat Delay SimulatorEast Coast Datacom, Inc.
 

More Related Content

What's hot

Cisco CCNA IP SLA with tracking configuration
Cisco CCNA IP SLA with tracking configurationCisco CCNA IP SLA with tracking configuration
Cisco CCNA IP SLA with tracking configurationHamed Moghaddam
 
Cisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static ConfigurationCisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static ConfigurationHamed Moghaddam
 
Cisco switch commands cheat sheet
Cisco switch commands cheat sheetCisco switch commands cheat sheet
Cisco switch commands cheat sheet3Anetwork com
 
Lab 9 instructions
Lab 9 instructionsLab 9 instructions
Lab 9 instructionstrayyoo
 
IPv6 for Pentesters
IPv6 for PentestersIPv6 for Pentesters
IPv6 for Pentesterscamsec
 
Cisco CCNA OSPF IPV6 Configuration
Cisco CCNA OSPF IPV6 ConfigurationCisco CCNA OSPF IPV6 Configuration
Cisco CCNA OSPF IPV6 ConfigurationHamed Moghaddam
 
Ccna 2 chapter 11 v4.0 answers 2011
Ccna 2 chapter 11 v4.0 answers 2011Ccna 2 chapter 11 v4.0 answers 2011
Ccna 2 chapter 11 v4.0 answers 2011Dân Chơi
 
CIsco ACL- Network and host security
CIsco ACL- Network and host securityCIsco ACL- Network and host security
CIsco ACL- Network and host securityShiv Koppad
 
Cisco CCNA-Standard Access List
Cisco CCNA-Standard Access ListCisco CCNA-Standard Access List
Cisco CCNA-Standard Access ListHamed Moghaddam
 
Ipso vrrp troubleshooting
Ipso vrrp troubleshootingIpso vrrp troubleshooting
Ipso vrrp troubleshootingPavan Kumar
 
How to use mmdvm host wif main board
How to use mmdvm host wif main boardHow to use mmdvm host wif main board
How to use mmdvm host wif main boardAURELIO PY5BK
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2Kris Mofu
 

What's hot (20)

1
11
1
 
Cisco CCNA IP SLA with tracking configuration
Cisco CCNA IP SLA with tracking configurationCisco CCNA IP SLA with tracking configuration
Cisco CCNA IP SLA with tracking configuration
 
Cisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static ConfigurationCisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static Configuration
 
Ip Access Lists
Ip Access ListsIp Access Lists
Ip Access Lists
 
Useful Linux commands
Useful Linux commandsUseful Linux commands
Useful Linux commands
 
Cisco switch commands cheat sheet
Cisco switch commands cheat sheetCisco switch commands cheat sheet
Cisco switch commands cheat sheet
 
Lab 9 instructions
Lab 9 instructionsLab 9 instructions
Lab 9 instructions
 
IPv6 for Pentesters
IPv6 for PentestersIPv6 for Pentesters
IPv6 for Pentesters
 
Cisco CCNA OSPF IPV6 Configuration
Cisco CCNA OSPF IPV6 ConfigurationCisco CCNA OSPF IPV6 Configuration
Cisco CCNA OSPF IPV6 Configuration
 
Ccna 2 chapter 11 v4.0 answers 2011
Ccna 2 chapter 11 v4.0 answers 2011Ccna 2 chapter 11 v4.0 answers 2011
Ccna 2 chapter 11 v4.0 answers 2011
 
CIsco ACL- Network and host security
CIsco ACL- Network and host securityCIsco ACL- Network and host security
CIsco ACL- Network and host security
 
Ccna command
Ccna commandCcna command
Ccna command
 
Solucion acl examenes
Solucion acl examenesSolucion acl examenes
Solucion acl examenes
 
Cisco CCNA-Standard Access List
Cisco CCNA-Standard Access ListCisco CCNA-Standard Access List
Cisco CCNA-Standard Access List
 
Ipso vrrp troubleshooting
Ipso vrrp troubleshootingIpso vrrp troubleshooting
Ipso vrrp troubleshooting
 
How to use mmdvm host wif main board
How to use mmdvm host wif main boardHow to use mmdvm host wif main board
How to use mmdvm host wif main board
 
mpls-05
mpls-05mpls-05
mpls-05
 
Lab 3.5.1 basic frame relay
Lab 3.5.1 basic frame relayLab 3.5.1 basic frame relay
Lab 3.5.1 basic frame relay
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2
 
Ccnpswitch
CcnpswitchCcnpswitch
Ccnpswitch
 

Similar to Howto ethereal-wireshark-trace en

Mạng máy tính nâng cao_Chapter01 overview
Mạng máy tính nâng cao_Chapter01 overviewMạng máy tính nâng cao_Chapter01 overview
Mạng máy tính nâng cao_Chapter01 overviewJackie Tran
 
Chap.1 ethernet introduction
Chap.1 ethernet introductionChap.1 ethernet introduction
Chap.1 ethernet introduction東原 李
 
Wireshark.ethereal
Wireshark.etherealWireshark.ethereal
Wireshark.etherealgh02
 
NetFlow Monitoring for Cyber Threat Defense
NetFlow Monitoring for Cyber Threat DefenseNetFlow Monitoring for Cyber Threat Defense
NetFlow Monitoring for Cyber Threat DefenseCisco Canada
 
Internet Technology Practical (Mumbai University) -2017
Internet Technology Practical (Mumbai University) -2017Internet Technology Practical (Mumbai University) -2017
Internet Technology Practical (Mumbai University) -2017Satyendra Singh
 
Ls catalog thiet bi dien mk e_0908
Ls catalog thiet bi dien mk e_0908Ls catalog thiet bi dien mk e_0908
Ls catalog thiet bi dien mk e_0908Dien Ha The
 
Ls catalog thiet bi dien mk e_0908_dienhathe.vn
Ls catalog thiet bi dien mk e_0908_dienhathe.vnLs catalog thiet bi dien mk e_0908_dienhathe.vn
Ls catalog thiet bi dien mk e_0908_dienhathe.vnDien Ha The
 
Tetra_TMO-100_02.2011_English.ppt
Tetra_TMO-100_02.2011_English.pptTetra_TMO-100_02.2011_English.ppt
Tetra_TMO-100_02.2011_English.pptNyandaBetul
 
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SPKrzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SPPROIDEA
 
119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tutnicolelemmimg
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksAPNIC
 
DCS PRESENTATION
DCS PRESENTATIONDCS PRESENTATION
DCS PRESENTATIONbvent2005
 
IECS-1116-DI Industrial EtherCAT Slave I/O Module with Isolated 16-ch Digital...
IECS-1116-DI Industrial EtherCAT Slave I/O Module with Isolated 16-ch Digital...IECS-1116-DI Industrial EtherCAT Slave I/O Module with Isolated 16-ch Digital...
IECS-1116-DI Industrial EtherCAT Slave I/O Module with Isolated 16-ch Digital...BluBoxx Communication Pvt. ltd
 
©LWTAOB© 2013 Cisco andLab – O.docx
©LWTAOB© 2013 Cisco andLab – O.docx©LWTAOB© 2013 Cisco andLab – O.docx
©LWTAOB© 2013 Cisco andLab – O.docxLynellBull52
 

Similar to Howto ethereal-wireshark-trace en (20)

Day2
Day2Day2
Day2
 
EDS-10/40G Ethernat Delay Simulator
EDS-10/40G Ethernat Delay SimulatorEDS-10/40G Ethernat Delay Simulator
EDS-10/40G Ethernat Delay Simulator
 
Introduction to PROFINET - Derek Lane of Wago
Introduction to PROFINET - Derek Lane of WagoIntroduction to PROFINET - Derek Lane of Wago
Introduction to PROFINET - Derek Lane of Wago
 
Intro to Ethernet
Intro to EthernetIntro to Ethernet
Intro to Ethernet
 
Mạng máy tính nâng cao_Chapter01 overview
Mạng máy tính nâng cao_Chapter01 overviewMạng máy tính nâng cao_Chapter01 overview
Mạng máy tính nâng cao_Chapter01 overview
 
Chap.1 ethernet introduction
Chap.1 ethernet introductionChap.1 ethernet introduction
Chap.1 ethernet introduction
 
Wireshark.ethereal
Wireshark.etherealWireshark.ethereal
Wireshark.ethereal
 
NetFlow Monitoring for Cyber Threat Defense
NetFlow Monitoring for Cyber Threat DefenseNetFlow Monitoring for Cyber Threat Defense
NetFlow Monitoring for Cyber Threat Defense
 
Internet Technology Practical (Mumbai University) -2017
Internet Technology Practical (Mumbai University) -2017Internet Technology Practical (Mumbai University) -2017
Internet Technology Practical (Mumbai University) -2017
 
Ls catalog thiet bi dien mk e_0908
Ls catalog thiet bi dien mk e_0908Ls catalog thiet bi dien mk e_0908
Ls catalog thiet bi dien mk e_0908
 
Ls catalog thiet bi dien mk e_0908_dienhathe.vn
Ls catalog thiet bi dien mk e_0908_dienhathe.vnLs catalog thiet bi dien mk e_0908_dienhathe.vn
Ls catalog thiet bi dien mk e_0908_dienhathe.vn
 
Tetra_TMO-100_02.2011_English.ppt
Tetra_TMO-100_02.2011_English.pptTetra_TMO-100_02.2011_English.ppt
Tetra_TMO-100_02.2011_English.ppt
 
netLec5.pdf
netLec5.pdfnetLec5.pdf
netLec5.pdf
 
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SPKrzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
 
Unix 4 en
Unix 4 enUnix 4 en
Unix 4 en
 
119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building Blocks
 
DCS PRESENTATION
DCS PRESENTATIONDCS PRESENTATION
DCS PRESENTATION
 
IECS-1116-DI Industrial EtherCAT Slave I/O Module with Isolated 16-ch Digital...
IECS-1116-DI Industrial EtherCAT Slave I/O Module with Isolated 16-ch Digital...IECS-1116-DI Industrial EtherCAT Slave I/O Module with Isolated 16-ch Digital...
IECS-1116-DI Industrial EtherCAT Slave I/O Module with Isolated 16-ch Digital...
 
©LWTAOB© 2013 Cisco andLab – O.docx
©LWTAOB© 2013 Cisco andLab – O.docx©LWTAOB© 2013 Cisco andLab – O.docx
©LWTAOB© 2013 Cisco andLab – O.docx
 

Recently uploaded

HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).pptssuser5c9d4b1
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptxthe ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptxhumanexperienceaaa
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝soniya singh
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Call Girls in Nagpur High Profile
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 

Recently uploaded (20)

Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptxthe ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 

Howto ethereal-wireshark-trace en

  • 1. HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 1 of 9 HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format 29.08.2007, Dieter Müller, Presales Consultant With release 7.5 funkwerk devices support exporting trace information to a ethereal/wireshark readable format or directly to the ethereal program. This way a very detailed troubleshooting and packet analysis is possible also on links, which are difficult to trace with normal methods, e.g. a directly connected DSL line. Requirements The tracing in Ethereal / Wireshark format is implemented in all funkwerk R-Series (e.g. R232b / R3000), TR-Series (e.g. TR200) and W-Series (e.g. W1002) starting with software release 7.5. On the client side you can use either Windows or Linux platform for starting the trace. Windows platform: For tracing with Windows hosts you have to install the Brickware software package with minimum version 7.5 Linux platform: For tracing with Linux hosts you have to download “bricktrace-linux” binary from download website or FTP-server 1.) Installation 1a.) Windows platform Download and install the latest Brickware Tools from http://www.funkwerk-ec.com/dl_bintec_brickware_en.html You just have to install the DIME-Tools packets for the tracing. Install Ethereal/Wireshark from www.ethereal.com or www.wireshark.org. 1b.) Linux platform Download the binary “bricktrace-linux” from ftp.funkwerk-ec.com or http://www.funkwerk-ec.com/dl_bintec_unix_tools_de.html Install Ethereal/Wireshark for your Linux version from www.ethereal.com or www.wireshark.org, or use the version provided within your linux distribution. If necessary, update your funkwerk device with a software version 7.5 or higher.
  • 2. HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 2 of 9 2.) Capturing Take care that you have a IP connectivity from your host to the funkwerk device, e.g. you can do a ping from your host to the funkwerk device over a LAN / WAN or VPN link. 2a.) Windows platform • Start the DIME Tools • Start “New Trace …” • Enter the IP address of the device and “Connect”
  • 3. HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 3 of 9 • Enter the admin password of the device (default: funkwerk or bintec (only R3400/R3800) • Select the trace settings o Choose an interface (e.g. LAN Port 1001) or Ethernet-over-ATM (50001) o If you want to trace a isdn channel select the respective B- or D-channel o Select a Pcap File and filename
  • 4. HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 4 of 9 • The trace is started and captures all packets until trace is stopped • For stopping the trace close the trace window or stop the DIME Tools
  • 5. HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 5 of 9 • Open the stored pcap-File with Ethereal / Wireshark. • Ethereal has powerful filtering capabilites. For using them see http://www.ethereal.com/docs/ or http://www.wireshark.org/docs
  • 6. HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 6 of 9 2b.) Linux platform The use of the linux version has two advantages in comparison to the windows version: Realtime Trace The output of the bricktrace-linux program can be directly send to ethereal. This means you can see the traced packets in realtime. With the windows version you first have to finish the trace and open the pcap trace files afterwards. Prefilter possibility The output of the bricktrace-linux can be filtered directly from the program itself. This is e.g. an advantage if the trace-session to the funkwerk device is running over a slow link, but a faster link should be traced (e.g. tracing a DSL connection over a ISDN management link). You can see the usage of the bricktrace-linux program with all its options with “bricktrace-linux -?”. user@linux:~/bricktrace-linux> bricktrace-linux -? Bintec/Funkwerk remote interface tracer ($Revision: 2.43 $) Usage: bricktrace-linux [opts] <routerip> [<channel> <unit> <slot> or <ifindex>] -h hexadecimal output (-! for full length) -2 layer 2 output -3 layer 3 output -a asynchronous HDLC (B-Channel only) -e ETS300075 (EuroFileTransfer) output (B-channel only) -F FAX (B-Channel only) -A FAX + AT Commands (B-Channel only) -D delta time -p PPP (B-Channel only) -f Frame Relay (B-Channel only) -i IP output -N Novell(c) IPX output -t ascii text output (B-Channel only) -x raw dump mode -X asynchronous PPP over X.75 -T <tei> set tei filter (D-Channel only) -c <cref> set callref filter (D-Channel only) -r <cnt> capture only cnt bytes per paket -v increase debug verbose level -V 1..3 trace protocol version (default: 3) -P<port> specify trace tcp port (default: 7000) -I ipsrc:ipdst:proto:srcport:dstport IPsession filter -B ip1:ip2:proto:port1:port2 bidirect IPsession filter -o OR for LAN filter --src=<addr> LAN filter for source MAC address --dst=<addr> LAN filter for destination MAC address --llc LAN filter for LLC packets --help extended help (environ vars & filter) --vpi=<vci> VPI for ADSL connections --vci=<vpi> VCI for ADSL connections --ethereal start ethereal (implies --pcap-pipe) --pcap-pipe write data in pcap-format into named pipe --pcap-file write data in pcap-format into file --ofile=<fname> out filename (pipe/file) --pwd=<passwd> remote admin-password
  • 7. HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 7 of 9 <routerip> trace host (router's name or IP-address) <channel> 0 = D-Channel or no ISDN, 1..31 = Bx-Channel <unit> 0..15 <slot> 0..9 <ifindex> interface index (instead of chan/unit/slot) if no chan/unit/slot or ifindex given: list all interfaces Examples: bricktrace-linux router : list all interfaces bricktrace-linux router 0 1 2 : D-Channel(0) of ISDN Slot 2, Unit 1 bricktrace-linux router 1000 : LAN Interface 1000 (Slot 1) bricktrace-linux router 100001 : virtual IPsec interface 100001 bricktrace-linux --ethereal router 1000 : write PCAP & start ethereal bricktrace-linux --pcap-file router 1000 : write PCAP file user@linux:~/bricktrace-linux> For finding out the traceable interfaces of the device, use the command without “ifindex”. user@linux:~> bricktrace-linux --pwd funkwerk 192.168.1.1 bricktrace-linux: connected to 192.168.1.1:7000 Ifc: 1000 Type: 7 (LAN 802.3) Ifc: 5000 Type: 7 (LAN 802.3) Ifc: 2000 Type: 4 (WLAN) Ifc: 3000 Type: 3 (ATM) Ifc: 4000 Type: 0 (ISDN D-channel) Ifc: 50000 Type: 7 (LAN 802.3) Ifc: 200000 Type: 7 (LAN 802.3) end user@linux:~> For resolving the interface index values (Ifc) use the “ifstat” command on the telnet console to the router (not on the linux machine!) r232bw:> ifstat Index Descr Type Mtu Speed St Ipkts Ies Opkts Oes PhyAddr/ChgTime 000000 REFUSE othr 8192 0 up 0 0 0 0 0 00:00:00 000001 LOCAL othr 8192 0 up 0 0 0 0 0 00:00:00 000002 IGNORE othr 8192 0 up 0 0 0 0 0 00:00:00 001000 en1-0 eth 1500 100M up 1962248 0 3015 0 00:a0:f9:09:7d:f8 001001 en1-0-llc eth 1496 100M up 186 0 0 0 00:a0:f9:09:7d:f8 001002 en1-0-snap eth 1492 100M up 139 0 0 0 00:a0:f9:09:7d:f8 005000 en5-0 eth 1500 100M up 501 0 484 0 00:a0:f9:09:7d:f8 005001 en5-0-llc eth 1496 100M up 0 0 0 0 00:a0:f9:09:7d:f8 005002 en5-0-snap eth 1492 100M up 0 0 0 0 00:a0:f9:09:7d:f8 050000 ethoa50-0 eth 1500 10M dn 0 0 0 0 00:a0:f9:89:7d:f8 050001 ethoa50-0-ll eth 1496 10M dn 0 0 0 0 00:a0:f9:89:7d:f8 050002 ethoa50-0-sn eth 1492 10M dn 0 0 0 0 00:a0:f9:89:7d:f8 200000 vss1-0 eth 1500 54M dn 0 0 0 0 00:00:00:00:00:00 200001 vss1-0-llc eth 1496 54M dn 0 0 0 0 00:00:00:00:00:00 200002 vss1-0-snap eth 1492 54M dn 0 0 0 0 00:00:00:00:00:00 total: 15 r232bw:>
  • 8. HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 8 of 9 For tracing a certain interface and directly show the trace in ASCII format on the your console add the interface index (also called <ifindex> or <ifc): user@linux:~> bricktrace-linux --pwd funkwerk 192.168.1.1 1000 bricktrace-linux: connected to 192.168.1.1:1000 Ifc:1000 (Chan:0 Unit:0 Slot:1) Type: 7 (LAN 802.3) 030095.193 R DATA[0060] 0000: ff ff ff ff ff ff 00 03 47 4d c5 45 08 06 00 01 ........GM.E.... 0010: 08 00 06 04 00 01 00 03 47 4d c5 45 c0 a8 01 64 ........GM.E...d 0020: 00 00 00 00 00 00 ...... Arp Request: Who is 192.168.1.1 ? Tell: 192.168.1.100 030095.193 X DATA[0042] 0000: 00 03 47 4d c5 45 00 a0 f9 09 7d f8 08 06 00 01 ..GM.E....}..... 0010: 08 00 06 04 00 02 00 a0 f9 09 7d f8 c0 a8 01 01 ..........}..... 0020: 00 03 47 4d c5 45 ..GM.E Arp Reply: 192.168.1.1 is 00:a0:f9:09:7d:f8 030095.193 R DATA[0098] 0000: 00 a0 f9 09 7d f8 00 03 47 4d c5 45 08 00 45 00 ....}...GM.E..E. 0010: 00 54 09 51 40 00 40 01 ad a2 c0 a8 01 64 c0 a8 .T.Q@.@......d.. 0020: 01 01 08 00 d0 da ...... IP-Packet from 192.168.1.100 to 192.168.1.1 protocol ICMP ICMP-Message , type echo request 030095.193 X DATA[0098] 0000: 00 03 47 4d c5 45 00 a0 f9 09 7d f8 08 00 45 00 ..GM.E....}...E. 0010: 00 54 0b 18 40 00 3f 01 ac db c0 a8 01 01 c0 a8 .T..@.?......... 0020: 01 64 00 00 d8 da .d.... IP-Packet from 192.168.1.1 to 192.168.1.100 protocol ICMP ICMP-Message , type echo reply user@linux:~> For filtering the trace-output use the options “-I” and “-B”. The syntax is: -I ipsrc:ipdst:proto:srcport:dstport IPsession filter -B ip1:ip2:proto:port1:port2 bidirect IPsession filter Example: Tracing only ICMP packets (IP protocol 1): bricktrace-linux --pwd funkwerk -I ::1 192.168.1.1 1000 Example: Tracing only telnet packets (TCP (IP protocol 6), Port 23) bricktrace-linux --pwd funkwerk -B ::6:23 192.168.1.1 1000 Example: Tracing only packets between two host IP addresses: bricktrace-linux --pwd funkwerk -B 192.168.1.1:192.168.1.100 192.168.1.1 1000
  • 9. HOWTO - Packet capturing (Tracing) in Ethereal/Wireshark Format – Page 9 of 9 Using Ethereal / Wireshark with bricktrace-linux For sending the trace to a ethereal/wireshark readable file, use the options “—pcap-file” and “-ofile=<filename>” bricktrace-linux --pwd funkwerk --pcap-file --ofile=testtrace.pcap 192.168.1.1 1000 Open the file with Ethereal / Wireshark. For sending the trace in realtime to ethereal/wireshark, use the options “—ethereal”. All output is piped to ethereal.