Discussion:
[j-nsp] TCPDUMP on High-end SRX
mahmoud yasin
2012-12-11 17:00:44 UTC
Permalink
Hi
?
How to use TCPDump to capture the In/Out traffic from the firewall interface (device self generated traffic).
Also how to read the output using wireshark (how to get a copy of the file)?
This is required for High-end firewalls.
?
Regards
Myasin
叶雨飞
2012-12-11 18:24:13 UTC
Permalink
monitor traffic no-resolve interface xxxxx write-file xxx.pcap

or, if you prefer, simply start shell then tcpdump -i xxx -n -p -w xxxx.pcap
Post by mahmoud yasin
Hi
How to use TCPDump to capture the In/Out traffic from the firewall interface (device self generated traffic).
Also how to read the output using wireshark (how to get a copy of the file)?
This is required for High-end firewalls.
Regards
Myasin
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Tim Eberhard
2012-12-11 18:27:40 UTC
Permalink
That will *only* grab traffic to the control plane, not through the
interfaces. For what its worth.

-Tim Eberhard
Post by 叶雨飞
monitor traffic no-resolve interface xxxxx write-file xxx.pcap
or, if you prefer, simply start shell then tcpdump -i xxx -n -p -w xxxx.pcap
Post by mahmoud yasin
Hi
How to use TCPDump to capture the In/Out traffic from the firewall
interface (device self generated traffic).
Post by mahmoud yasin
Also how to read the output using wireshark (how to get a copy of the
file)?
Post by mahmoud yasin
This is required for High-end firewalls.
Regards
Myasin
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
mahmoud yasin
2012-12-12 07:46:58 UTC
Permalink
Thank you All



________________________________
From: Tim Eberhard <xmin0s at gmail.com>
To: ??? <sunyucong at gmail.com>
Cc: mahmoud yasin <eng_mahmood48 at yahoo.com>; "juniper-nsp at puck.nether.net" <juniper-nsp at puck.nether.net>
Sent: Tuesday, December 11, 2012 10:27 PM
Subject: Re: [j-nsp] TCPDUMP on High-end SRX


That will *only* grab traffic to the control plane, not through the interfaces. For what its worth.

-Tim Eberhard


On Tue, Dec 11, 2012 at 12:24 PM, ??? <sunyucong at gmail.com> wrote:

monitor traffic no-resolve interface xxxxx write-file xxx.pcap
Post by 叶雨飞
or, if you prefer, simply start shell then tcpdump -i xxx -n -p -w xxxx.pcap
Post by mahmoud yasin
Hi
How to use TCPDump to capture the In/Out traffic from the firewall interface (device self generated traffic).
Also how to read the output using wireshark (how to get a copy of the file)?
This is required for High-end firewalls.
Regards
Myasin
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Loading...