Difference between revisions of "ICX-Alphacom Core tcpdump"
From Zenitel Wiki
ZenitelAus (talk | contribs) (Tag: Visual edit) |
|||
| (7 intermediate revisions by 2 users not shown) | |||
| Line 3: | Line 3: | ||
==Prerequisites== | ==Prerequisites== | ||
| − | *SSH Console software: PuTTY https://www.putty.org/ | + | *SSH Console software: PuTTY https://www.putty.org/ |
*File transfer software: WinSCP (version 5.15.3 used in this guide): WinSCP https://winscp.net/eng/index.php | *File transfer software: WinSCP (version 5.15.3 used in this guide): WinSCP https://winscp.net/eng/index.php | ||
*Wireshark: https://www.wireshark.org/ | *Wireshark: https://www.wireshark.org/ | ||
| + | *The SSH port (22) enabled in the firewall of the ICX-AlphaCom Core. | ||
==Login to the ICX-AlphaCom Core Ubuntu environment== | ==Login to the ICX-AlphaCom Core Ubuntu environment== | ||
| − | Using PuTTY, enter the IP Address of the ICX-AlphaCom Core Ubuntu environment | + | Using PuTTY, enter the IP Address of the ICX-AlphaCom Core Ubuntu environment. SSH (port 22) must be enabled in the firewall. |
| − | [[File:Putty Linux.PNG| | + | [[File:Putty Linux.PNG|473x473px|alt=|left|frameless]] |
<br style="clear:both;" /> | <br style="clear:both;" /> | ||
Login to the Ubuntu console using the login details created during Ubuntu installation. | Login to the Ubuntu console using the login details created during Ubuntu installation. | ||
| − | [[File:ICX-AlphaCom Core Ubuntu login.jpg| | + | [[File:ICX-AlphaCom Core Ubuntu login.jpg|alt=|left|frameless]] |
<br style="clear:both;" /> | <br style="clear:both;" /> | ||
| − | ... and | + | Alternatively, if you have console access via the physical machine, or you are using a Virtual Machine Host such as VirtualBox or ESXi, you can login via this console. |
| − | [[File:ICX | + | |
| + | ==TCPdump== | ||
| + | TCPdump is the linux tool to take a packet trace in the console. To enable a packet trace of all packets into a file named icxcore.pcap in the current directory, use the following command; | ||
| + | |||
| + | sudo tcpdump -s 0 -w icxcore.pcap | ||
| + | |||
| + | You will need to enter the root password for Ubuntu created during installation. | ||
| + | |||
| + | The packet trace will commence immediately, and will only stop when requested to by issuing the escape code CTRL + C. | ||
| + | [[File:Tcpdump.jpg|left|frameless|729x729px]] | ||
| + | <br style="clear:both;" /> | ||
| + | |||
| + | If your Ubuntu environment has more than 1 Ethernet adapter, you can use the -i flag to choose the correct adapter. Adapter names and IP Addresses are listed at login. | ||
| + | |||
| + | sudo tcpdump -i | ||
| + | |||
| + | There are many options for TCPdump, and you can do further reading here using the command man tcpdump | ||
| + | |||
| + | ==Copy the file via WinSCP== | ||
| + | |||
| + | |||
| + | Using WinSCP, connect to the Ubuntu environment using the IP Address, username and password. | ||
| + | [[File:ICX VB27.png|left|frameless]] | ||
<br style="clear:both;" /> | <br style="clear:both;" /> | ||
| − | + | ... and copy the capture file to your computer from the Ubuntu environment: | |
| + | [[File:Download PCAP.jpg|left|frameless|416x416px]] | ||
| + | <br style="clear:both;" /> | ||
Close WinSCP. | Close WinSCP. | ||
| + | |||
| + | <br /> | ||
| + | |||
| + | ==Wireshark== | ||
| + | You can now use Wireshark to inspect the packet trace, or send the trace to Support for further assistance. | ||
[[Category: ICX-AlphaCom Platform]] | [[Category: ICX-AlphaCom Platform]] | ||
| + | [[Category: ICX-Core]] | ||
Latest revision as of 08:21, 7 June 2022
This article describes how to use TCPdump to take a packet trace from the ICX-AlphaCom Core Ubuntu environment
Contents
Prerequisites
- SSH Console software: PuTTY https://www.putty.org/
- File transfer software: WinSCP (version 5.15.3 used in this guide): WinSCP https://winscp.net/eng/index.php
- Wireshark: https://www.wireshark.org/
- The SSH port (22) enabled in the firewall of the ICX-AlphaCom Core.
Login to the ICX-AlphaCom Core Ubuntu environment
Using PuTTY, enter the IP Address of the ICX-AlphaCom Core Ubuntu environment. SSH (port 22) must be enabled in the firewall.
Login to the Ubuntu console using the login details created during Ubuntu installation.
Alternatively, if you have console access via the physical machine, or you are using a Virtual Machine Host such as VirtualBox or ESXi, you can login via this console.
TCPdump
TCPdump is the linux tool to take a packet trace in the console. To enable a packet trace of all packets into a file named icxcore.pcap in the current directory, use the following command;
sudo tcpdump -s 0 -w icxcore.pcap
You will need to enter the root password for Ubuntu created during installation.
The packet trace will commence immediately, and will only stop when requested to by issuing the escape code CTRL + C.
If your Ubuntu environment has more than 1 Ethernet adapter, you can use the -i flag to choose the correct adapter. Adapter names and IP Addresses are listed at login.
sudo tcpdump -i
There are many options for TCPdump, and you can do further reading here using the command man tcpdump
Copy the file via WinSCP
Using WinSCP, connect to the Ubuntu environment using the IP Address, username and password.
... and copy the capture file to your computer from the Ubuntu environment:
Close WinSCP.
Wireshark
You can now use Wireshark to inspect the packet trace, or send the trace to Support for further assistance.