HPE Community
Operating System - HP-UX
1819933 Members
3417 Online
109607 Solutions
New Discussion юеВ

Need info on running "TCPDUMP" on HP-UX servers.

 
SOLVED
Go to solution
S.J. Sarwar
Occasional Advisor

тАО10-06-2006 03:57 AM

тАО10-06-2006 03:57 AM

Need info on running "TCPDUMP" on HP-UX servers.

Folks,

I need to run 'tcpdump' on two servers, to capture IP Packets, for a port, but I am failing to get the command right with all the arguments.Please help me.!!

Thanks in Advance.
0 Kudos
Reply
6 REPLIES 6
Deoncia Grayson_1
Honored Contributor

тАО10-06-2006 04:13 AM

тАО10-06-2006 04:13 AM

Re: Need info on running "TCPDUMP" on HP-UX servers.

i would go to www.tcpdump.org to get correct usage.
If no one ever took risks, Michelangelo would have painted the Sistine floor. -Neil Simon
0 Kudos
Reply
John Payne_2
Honored Contributor

тАО10-06-2006 04:32 AM

тАО10-06-2006 04:32 AM

Solution

Re: Need info on running "TCPDUMP" on HP-UX servers.

For port TCP:1521
"tcpdump port 1521"
or
"tcpdump tcp port 1521"

If you want to get traffic from just one server:
"tcpdump host serverb"
or
"tcpdump dst host serverb"
or
"tcpdump src host servera"
depanding on what you actually want...

Hope it helps

John
Spoon!!!!
Reply
S.J. Sarwar
Occasional Advisor

тАО10-06-2006 05:54 AM

тАО10-06-2006 05:54 AM

Re: Need info on running "TCPDUMP" on HP-UX servers.

Thank you all for those replies...My requirement is to get "the Packet". ie:- The Binary form of data in it.
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО10-06-2006 11:18 AM

тАО10-06-2006 11:18 AM

Re: Need info on running "TCPDUMP" on HP-UX servers.

You might want to look at Wireshark as an alternative. Wireshark is the new name for Ethereal and is the world's most popular packet decoder and analyzer program. Now you can download an HP-UX version from:

http://hpux.connect.org.uk/hppd/hpux/Gtk/Applications/wireshark-0.99.2/

it is an Xwindows program with a LARGE number of runtime dependencies, making the installation and usage a bit tricky. However, the PC Windows version is very simple to install and use and with WinPcap (supplied with the program), you can trace the HP-UX packets from your PC. Wireshark also reads a large number of packet trace formats including HP-UX nettl files.


Bill Hassell, sysadmin
0 Kudos
Reply
Maxim Yakimenko
Super Advisor

тАО10-08-2006 06:58 PM

тАО10-08-2006 06:58 PM

Re: Need info on running "TCPDUMP" on HP-UX servers.

Hi

You can grab traffic with tcpdump - look at option that allows to write grabbed traffic into file. This file can then be openned with Ethereal.
0 Kudos
Reply
Matti_Kurkela
Honored Contributor

тАО10-08-2006 08:41 PM

тАО10-08-2006 08:41 PM

Re: Need info on running "TCPDUMP" on HP-UX servers.

With the default settings, tcpdump captures only just enough to see the basic packet headers.

To get the complete contents of the packet, you need to specify the maximum size to capture to be equal or greater than the maximum size of the packet on the type of network you're using.
This is done using the option '-s ' The normal maximum size for Ethernet is 1500 bytes, but if you're using gigabit connections and Jumbo frames, it may be greater. So, on a typical Ethernet, you might want to use '-s 1500'.

Newer versions of tcpdump allow the use of '-s 0' to mean "get everything, whatever the max size is".

To get the packet contents in hexadecimal listing, you can use option -x or -xx, depending on whether you want to include the link level headers or not. To get a "hex + ascii" -style output, you can use -X or -XX, respectively.
MK
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.