Re: tcpdump

 
Becke
Super Advisor

tcpdump


Dear Guys

I'm trying to capture tcpdump for all interfaces so we can track a network issue. What would be the syntax? I have gone through the man page but am not quite sure. As I understand it, -w writes to a file and -i captures on a specific interface if specified, but I need to capture for all interfaces and write to a file so we can read it later with the -r flag using the ipreport command...

What is the correct syntax? I'm running this on Linux and AIX machines...

Thanks

Matti_Kurkela
Honored Contributor
Solution

Re: tcpdump

"man tcpdump" says you can use "-i all" on Linux.

If you want to capture the complete contents of the packets, the syntax would be something like:

tcpdump -s0 -i all -w /really/fast/disk/capture.dat

If you omit "-s0", only the header of each packet may be captured, depending on tcpdump version.

I have no idea if "-i all" works on AIX.

MK
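An added example, not part of the original thread: a file written with -w can be checked afterwards for the truncation described in the reply above by reading the snapshot length from the capture file header and comparing captured length with on-the-wire length for every packet record. It assumes the classic pcap file format; the function names and the sample capture bytes are constructed for illustration.

```python
import struct

# Classic pcap magic numbers as seen when the first 4 bytes are read little-endian.
_MAGICS = {
    0xA1B2C3D4: "<",  # little-endian file, microsecond timestamps
    0xD4C3B2A1: ">",  # big-endian file, microsecond timestamps
    0xA1B23C4D: "<",  # little-endian file, nanosecond timestamps
    0x4D3CB2A1: ">",  # big-endian file, nanosecond timestamps
}

def audit_capture(data: bytes) -> dict:
    """Report snaplen, link type, packet count and how many packets were cut short."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic not in _MAGICS:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    e = _MAGICS[magic]
    # version major/minor, timezone offset, sigfigs, snaplen, link type
    _maj, _min, _zone, _sig, snaplen, linktype = struct.unpack(e + "HHiIII", data[4:24])
    offset, packets, truncated = 24, 0, 0
    while offset + 16 <= len(data):
        _sec, _frac, incl_len, orig_len = struct.unpack(e + "IIII", data[offset:offset + 16])
        if offset + 16 + incl_len > len(data):
            break  # file ends mid-record, e.g. the disk filled up during capture
        packets += 1
        truncated += incl_len < orig_len  # fewer bytes stored than were on the wire
        offset += 16 + incl_len
    return {"snaplen": snaplen, "linktype": linktype, "packets": packets,
            "truncated": truncated, "cut_off": offset != len(data)}

def build_sample(snaplen: int, wire_lengths: list) -> bytes:
    """Constructed input: little-endian pcap, Ethernet link type (1), zero-filled packets."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for n in wire_lengths:
        kept = min(n, snaplen)  # what a capture limited to snaplen bytes would store
        out += struct.pack("<IIII", 0, 0, kept, n) + bytes(kept)
    return out

if __name__ == "__main__":
    print(audit_capture(build_sample(96, [60, 1514])))      # small snaplen: 1 truncated
    print(audit_capture(build_sample(262144, [60, 1514])))  # large snaplen: 0 truncated
```

A non-zero `truncated` count means payload bytes are missing from the file and cannot be recovered when it is read back later.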
Becke
Super Advisor

Re: tcpdump


Thanks for your time to reply MK...

In AIX I worked it out:

tcpdump -w /tempfs/tcpdump.out (this captures all data from all available interfaces)

AND

tcpdump -w /tempfs/tcpdump.out -i en1 (this captures data for a specific interface, such as en1 in this case)

By the way, a question on Linux... I'm trying to install Linux on my laptop so I can get rid of Windows and start using Linux only. Can you please give me some handy documentation to do this, or a good web site which has instructions to do so? I'm pretty good with AIX but have never played with Linux.
Viktor Balogh
Honored Contributor

Re: tcpdump

Raf,

Installing Linux on a laptop is a very easy task. Just download an ISO image of your chosen distro, burn it to CD/DVD, and boot your laptop from this disk. You will be presented with a GUI interface, and if you don't want to overcomplicate it, the install goes like "next --> next --> finish".

that's it, have fun!

Viktor
****
Unix operates with beer.
Becke
Super Advisor

Re: tcpdump


Thanks Viktor, which website can I download the ISO image from?

I need to create a multi-boot partition so I can boot from my Windows whenever I want, or boot in Linux mode if I want to, etc.

Matti_Kurkela
Honored Contributor

Re: tcpdump

There are many Linux distributions.

For example, RedHat Enterprise Linux (RHEL) and SuSE Linux Enterprise Server (SLES) are commercial, mainly server-oriented Linux distributions with good support. You'll need to pay for a license to get these (and updates for them).

There are also free versions of these, with no official support: CentOS is the free equivalent of RHEL (exactly the same source code, but RedHat-copyrighted graphics are exchanged for free ones), and I understand OpenSuse is the nearest free equivalent to SLES. These might be very useful if you want to practice for RHEL or SLES specifically.

(SuSE/SLES has a centralized management tool "yast". In AIX speak, it's essentially a functional equivalent of SMIT/smitty. RedHat/CentOS has no single all-encompassing management tool, but a collection of GUI admin tools named system-config-, each covering a specific area.)

Another family of Linux distributions is Debian and Ubuntu: Debian is completely free and very stable, but often includes older versions of software. Ubuntu is based on test versions of Debian: it is more tailored for desktop/laptop use and includes newer software.

Many distributions offer "Live CD" versions: that means you can boot the entire Linux OS from a CD/DVD without installing anything at all onto your hard drive: it might be a little slow, but it's an easy way to test different distributions. (It also works as a great troubleshooting tool if something is wrong with your installed OS so you cannot boot it successfully.)

If you're going to learn Linux in general, see what other Linux users near you are using and pick the same distribution they're using: that makes it easier for them to help you. If you're the first Linux user around, pick one of the major distributions, so there will be plenty of documentation and tips on the Internet.

Since you already know AIX, you are already familiar with general fundamentals of Unix-style operating systems. This will give you a great advantage over people moving to Linux from Windows.

MK
Becke
Super Advisor

Re: tcpdump

Thanks mate for your time to help out.

Good stuff