HPE Community
Operating System - HP-UX
1823250 Members
3299 Online
109648 Solutions
New Discussion юеВ

tcp dump

 
SOLVED
Go to solution
navin
Super Advisor

тАО05-14-2008 01:42 PM

тАО05-14-2008 01:42 PM

tcp dump

Hello,
i have a rp3440 server..i need to install tcp dump on these.what are the steps
thanks
Learning ...
0 Kudos
Reply
8 REPLIES 8
Tim Nelson
Honored Contributor

тАО05-14-2008 01:46 PM

тАО05-14-2008 01:46 PM

Solution

Re: tcp dump

TCP Dump is included on the HPUX Internet Express. Precompiled and ready to swinstall.

Goto http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1111

download and swinstall

If you prefer to compile your own then search the web for all the pre-requisites. ( hpux porting center ). and good luck.

Reply
Patrick Wallek
Honored Contributor

тАО05-14-2008 01:47 PM

тАО05-14-2008 01:47 PM

Re: tcp dump

What version of HP-UX are you running?

For HP-UX 11.11 go here and download:
http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1111

For HP-UX 11.23 go here and download:
http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1123

For HP-UX 11.31 go here and download:
http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1131

You should then be able to install via swinstall.
Reply
Jeff_Traigle
Honored Contributor

тАО05-14-2008 01:48 PM

тАО05-14-2008 01:48 PM

Re: tcp dump

1. Go to http://software.hp.com
2. Search for tcpdump
3. Select the Internet Express for your version of HP-UX from the resulting list
4. Download tcpdump from it
5. Follow the installation instructions that are available from the download page (should be a simple swinstall command)
--
Jeff Traigle
Reply
navin
Super Advisor

тАО05-14-2008 02:00 PM

тАО05-14-2008 02:00 PM

Re: tcp dump

Please let me know how that will be used to capture and analyze
thanks
Learning ...
0 Kudos
Reply
Patrick Wallek
Honored Contributor

тАО05-14-2008 02:50 PM

тАО05-14-2008 02:50 PM

Re: tcp dump

I suggest you install it and then read the manual pages / documentation.

Then, if you have further questions you can post.
0 Kudos
Reply
Laurent Menase
Honored Contributor

тАО05-14-2008 11:56 PM

тАО05-14-2008 11:56 PM

Re: tcp dump

tcpdump -i lan0 -w alogfile

and then use wireshark to analyse it.

Else on HPUX you have a tool named nettl.
It is more precise than tcpdump.

to use it:
nettl -tn all -e selecteur -f /tmp/myresult -m 80

selecteur can me a combination of subsystems:
it can be
'all' -all subsys
NS_LS_IP to trace IP layer only
NS_LS_TCP to trace IP layer only
IGELAN for igelan lan interface
ILAN, GELAN, BTLAN IETHER
nettl -ss to have the full list
for instance if you have igelan interface and want to trace IP and interface layer :
nettl -tn all -e NS_LS_IP IGELAN -f /tmp/myresult -m 80
-m 80 option is to limit the part of the data acquired to the 80 first byte of message, to limit nettl overhead, and avoid to lose messages.
-tm can be used to specify the size of the trace.

to stop the tracing
nettl -tf -e all
to analyse:
wireshark or netfmt.
http://www.wireshark.org/download.html
0 Kudos
Reply
Karsten Radke_1
Advisor

тАО05-15-2008 01:26 AM

тАО05-15-2008 01:26 AM

Re: tcp dump

for tcpdump usage see
http://dmiessler.com/study/tcpdump_recipes

Regards,
Karsten
0 Kudos
Reply
Yogeeraj_1
Honored Contributor

тАО05-15-2008 03:23 AM

тАО05-15-2008 03:23 AM

Re: tcp dump

hi navin,

Wireshark also available from the Internet Express bundle:
http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1123


kind regards
yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.