Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
cancel
Showing results for 
Search instead for 
Did you mean: 

tcpdump to a logical interface

CharliePuyol
Advisor

tcpdump to a logical interface

i cant make a tcpdump to a logical interface (lan0:1) how can i filter the packages? is there a way to filter through an IP address?
2 REPLIES
Matti_Kurkela
Honored Contributor

Re: tcpdump to a logical interface

The tcpdump command can filter in many ways, including by IP address. Read "man tcpdump".

For example, if the IP address of lan0:1 is 10.1.1.1, you might use:

tcpdump -i lan0 host 10.1.1.1

If you want to dump only traffic between lan0:1 and one specific host, you might use:

tcpdump -i lan0 host 10.1.1.1 and host 10.2.2.2

MK
MK
rick jones
Honored Contributor

Re: tcpdump to a logical interface

"i cant make a tcpdump to a logical interface (lan0:1)"

Correct - tcpdump uses DLPI, and for any one "physical" (as seen by the transport) interface there is only the one DLPI interface. The logical interfaces are purely in the imagination of the transport - the multiplex onto the one DLPI PPA, and the transport handles the demux on the way in.

I see someone else has already touched on tcpdump filter expressions as a way to filter packets based on IP addresses (and other things).
there is no rest for the wicked yet the virtuous have no pillows