Re: network activities monitoring.

jayachandran.g · ‎07-12-2005

Hi all

In sun servers in that snoop command is there which will clearly tell the network activities is there anything like that for HP.

if it is there how to use it?

thank you
Jayachandran.G

Mel Burslan · ‎07-12-2005

I have no experience with snoop on sun systems but I am assuming it is something like nettl under hp-ux.

nettl is a very deep subject to explaing the use of it in a posting like this. man nettl will give you a lot of information. I am dsure you will get lost in in for the first few times.

A quick start guide like instructions can be found at this page:

http://www1.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000007950516

but they are by no means complete or as detailed as it gets.

HTH

________________________________
UNIX because I majored in cryptology...

The Real MD · ‎07-12-2005

hi,

you can use tcpdump or tcptrace

http://hpux.cs.utah.edu/hppd/cgi-bin/search?package=on&description=on&term=tcpdump

or you could use ethereal

I hope this helps

Martin.

Biswajit Tripathy · ‎07-12-2005

tcpdump, as suggested above, is an option
and is packaged with "internet express" and
available at software depot website at
www.hp.com.

Another option is IPFilter system firewall.
It would take couple of minutes to configure
IPFilter to log all network activities or some
specific type of activituies you are interested
in.

- Biswajit

:-)

Yogeeraj_1 · ‎07-12-2005

hi,

note that nettl allow you to capture only network activities such as state changes, errors, and connection establishment.

also, nettl can be used only by users who have an effective user ID of 0.

hope this helps too!
regards
yogeeraj

No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)

Fabio Ettore · ‎07-12-2005

Hi,

if you insert in the ITRC search (you find it on top of the page) just the word snoop you will see many many similar questions, one for all:

http://forums2.itrc.hp.com/service/forums/questionanswer.do?threadId=787126

Anyway nettl is the closer tool on HP-UX like snoop on Solaris.

Hope this helps you.

Best regards,
Fabio

WISH? IMPROVEMENT!

jayachandran.g · ‎07-13-2005

Hey

I have downloaded the tcp dump i got a file .depot how do i install it?

Fabio Ettore · ‎07-13-2005

Hi,

all .depot files have to be installed by swinstall (for example my file.depot is under /tmp):

swinstall -s /tmp/file.depot \*

It will do an analysis before and then (if analysis will be ok) will install the product.

After that check if the software tcpdump is installed:

swlist -l product | grep -i tcpdump

Best regards,
Fabio

WISH? IMPROVEMENT!

jayachandran.g · ‎07-13-2005

Hi Fabio

I gave the same command what you gave..

but it telling that there is no depot software in my server at the location /tmp/file.depot make sure the path is correct

jayachandran.g · ‎07-13-2005

ok ok its done

thanks a lot

rick jones · ‎07-13-2005

FWIW -

Nettl can indeed trace packets, not just state transitions and such.

Tcpdump and ethereal also can be found in the HP "Internet Express" software which can be had free of charge via the new URL of http://www.hp.com/go/softwaredepot (which replaces http://software.hp.com/)

there is no rest for the wicked yet the virtuous have no pillows

jayachandran.g · ‎07-13-2005

Hi all

i triend installing tcpdump but for executing it again itis asking for some lib file and i'm not sure wheather my device will use tcp r udp.

nettl totaly gone i'm not able to get anythig out of it....

nettl -st
is ging a out put enabling network travking done

but where it got stored?

can anybody help me with a proper options please?
Thanx

Fabio Ettore · ‎07-13-2005

Hi,

have you checked dependencies for tcpdump?
Porting usually indicates what dependencies are needed to use a software.
I think you didn't get some of them.

Anyway you can use nettl but of course it depends on what type of problem you have.

Here a sample using lan driver:

1. start the trace:
nettl -tn all -e btlan -m 300 -f /tmp/trace

2. work normally for just few seconds or one minute in order to reproduce the problem;

3. stop the trace:
nettl -tf -e all

You should have /tmp/trace.TRC0.
You already can analyze it by ethereal on a Windows system otherwise format it on HP-UX system:

netfmt -l -N -f /tmp/trace.TRC0 > /tmp/trace.txt

Hope this helps you.

Best regards,
Fabio

WISH? IMPROVEMENT!

rick jones · ‎07-14-2005

Do not let the name "tcpdump" fool you - tcpdump will trace _all_ traffic on an interface, regardless of protocol. The name tcpdump is simply an accident of history.

Tcpdump can depend on a library called libpcap. Is that the library it was asking about? Anyway, the tcpdump from the HP Internet Express bits will install and run just fine - it is either compiled with libpcap already in it staticly (?) or brings libpcap along for the ride.

As for nettl, apart from what has been mentioned in the forum, there is a bit in the manpages, and I suspect much more in one of the manuals on docs.hp.com.

there is no rest for the wicked yet the virtuous have no pillows

jayachandran.g · ‎07-14-2005

Ya rick jones

it is the same file it is asking how can i get it downloaded and make tcpdump to work fine.

jayachandran.g · ‎07-14-2005

Ya rick jones

it is the same file it is asking how can i get it downloaded and make tcpdump to work fine.
#tcpdump

/usr/lib/dld.sl: /usr/local/lib/libcap.sl
/usr/lib/dld.sl: no such file or directory.

Fabio Ettore · ‎07-14-2005

Hi,

where did you obtain tcpdump from?

Just for test try to download that library from here:

http://hpux.connect.org.uk/hppd/hpux/Networking/Admin/libpcap-0.8.3/

Infact it is a dependency that I said in my last post.

Try to install it and try again by tcpdump.
Just a thought.

Best regards,
Fabio

WISH? IMPROVEMENT!

jayachandran.g · ‎07-15-2005

Hi

now i don't know whether i'm in the correct place r not?

i have downloaded libpcap from the site directed by fabio.

i have copied it to tmp i have renamed it to a another file name for easy access.

i have done the installation for libpcap.sl (swinstall -s /tmp/2.depot\*) but it the file saved in the different name but in correct location.

the name of the file was libpcap.@LIB_EXT@
i have renamed it to libpcap.sl now that eror is tured to another one.

now hp server is asking for libcrypto.sl

is there anywhere i made the mistake. Are i'm correct and shall i continue downloading the other lib file also.

rick jones · ‎07-15-2005

I suspect that the stuff from the porting archives can indeed be made to work, but at this point I'd probably just start at www.hp.com/go/swdepot, find the HP Internet Express bits from there and select the tcpdump package and install that one. I've done that several times with success.

Alternatively, if you have the HP compiler installed, you can get libpcap and tcpdump sources from www.tcpdump.org and compile them and have the very latest version. The libpcap and tcpdump sources should compile just fine with the HP compilers.

there is no rest for the wicked yet the virtuous have no pillows

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: network activities monitoring.

network activities monitoring.