Difference between revisions of "ICX-Alphacom Core tcpdump"
From Zenitel Wiki
ZenitelAus (talk | contribs) (Tag: Visual edit) |
ZenitelAus (talk | contribs) (Tag: Visual edit) |
||
| Line 1: | Line 1: | ||
| + | {{DISPLAYTITLE:ICX-Alphacom Core TCPdump}} | ||
{{I}}This article describes how to use TCPdump to take a packet trace from the ICX-AlphaCom Core Ubuntu environment | {{I}}This article describes how to use TCPdump to take a packet trace from the ICX-AlphaCom Core Ubuntu environment | ||
| Line 6: | Line 7: | ||
*File transfer software: WinSCP (version 5.15.3 used in this guide): WinSCP https://winscp.net/eng/index.php | *File transfer software: WinSCP (version 5.15.3 used in this guide): WinSCP https://winscp.net/eng/index.php | ||
*Wireshark: https://www.wireshark.org/ | *Wireshark: https://www.wireshark.org/ | ||
| + | *The SSH port (22) enabled in the firewall of the ICX-AlphaCom Core. | ||
==Login to the ICX-AlphaCom Core Ubuntu environment== | ==Login to the ICX-AlphaCom Core Ubuntu environment== | ||
| − | Using PuTTY, enter the IP Address of the ICX-AlphaCom Core Ubuntu environment | + | Using PuTTY, enter the IP Address of the ICX-AlphaCom Core Ubuntu environment. SSH (port 22) must be enabled in the firewall. |
[[File:Putty Linux.PNG|473x473px|alt=|left|frameless]] | [[File:Putty Linux.PNG|473x473px|alt=|left|frameless]] | ||
<br style="clear:both;" /> | <br style="clear:both;" /> | ||
| Line 23: | Line 25: | ||
<br /> | <br /> | ||
| − | == TCPdump == | + | Alternatively, if you have console access via the physical machine, or you are using a Virtual Machine Host such as VirtualBox or ESXi, you can login via this console. |
| + | |||
| + | ==TCPdump== | ||
TCPdump is the linux tool to take a packet trace in the console. To enable a packet trace of all packets into a file named icxcore.pcap in the current directory, use the following command; | TCPdump is the linux tool to take a packet trace in the console. To enable a packet trace of all packets into a file named icxcore.pcap in the current directory, use the following command; | ||
| Line 31: | Line 35: | ||
The packet trace will commence immediately, and will only stop when requested to by issuing the escape code CTRL + C. | The packet trace will commence immediately, and will only stop when requested to by issuing the escape code CTRL + C. | ||
| + | [[File:Tcpdump.jpg|left|frameless|729x729px]] | ||
| + | |||
| + | |||
| + | |||
| + | If your Ubuntu environment has more than 1 Ethernet adapter, you can use the -i flag to choose the correct adapter. Adapter names and IP Addresses are listed at login. | ||
| + | |||
| + | sudo tcpdump -i | ||
There are many options for TCPdump, and you can do further reading here using the command man tcpdump | There are many options for TCPdump, and you can do further reading here using the command man tcpdump | ||
| + | == Copy the file via WinSCP == | ||
| − | ... and copy the | + | Using WinSCP, connect to the Ubuntu environment using the IP Address, username and password. |
| + | [[File:ICX VB27.png|left|frameless]] | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | |||
| + | |||
| + | |||
| + | |||
| + | ... and copy the capture file to your computer from the Ubuntu environment: | ||
| + | [[File:Download PCAP.jpg|left|frameless|416x416px]] | ||
<br style="clear:both;" /> | <br style="clear:both;" /> | ||
| − | + | Close WinSCP. | |
| − | + | <br /> | |
| + | == Wireshark == | ||
| + | You can now use Wireshark to inspect the packet trace, or send the trace to Support for further assistance. | ||
| + | <br /> | ||
[[Category: ICX-AlphaCom Platform]] | [[Category: ICX-AlphaCom Platform]] | ||
Revision as of 02:41, 4 February 2020
This article describes how to use TCPdump to take a packet trace from the ICX-AlphaCom Core Ubuntu environment
Contents
Prerequisites
- SSH Console software: PuTTY https://www.putty.org/
- File transfer software: WinSCP (version 5.15.3 used in this guide): WinSCP https://winscp.net/eng/index.php
- Wireshark: https://www.wireshark.org/
- The SSH port (22) enabled in the firewall of the ICX-AlphaCom Core.
Login to the ICX-AlphaCom Core Ubuntu environment
Using PuTTY, enter the IP Address of the ICX-AlphaCom Core Ubuntu environment. SSH (port 22) must be enabled in the firewall.
Login to the Ubuntu console using the login details created during Ubuntu installation.
Alternatively, if you have console access via the physical machine, or you are using a Virtual Machine Host such as VirtualBox or ESXi, you can login via this console.
TCPdump
TCPdump is the linux tool to take a packet trace in the console. To enable a packet trace of all packets into a file named icxcore.pcap in the current directory, use the following command;
sudo tcpdump -s 0 -w icxcore.pcap
You will need to enter the root password for Ubuntu created during installation.
The packet trace will commence immediately, and will only stop when requested to by issuing the escape code CTRL + C.
If your Ubuntu environment has more than 1 Ethernet adapter, you can use the -i flag to choose the correct adapter. Adapter names and IP Addresses are listed at login.
sudo tcpdump -i
There are many options for TCPdump, and you can do further reading here using the command man tcpdump
Copy the file via WinSCP
Using WinSCP, connect to the Ubuntu environment using the IP Address, username and password.
... and copy the capture file to your computer from the Ubuntu environment:
Close WinSCP.
Wireshark
You can now use Wireshark to inspect the packet trace, or send the trace to Support for further assistance.