546
edits
Process traffic capture from remote device: Difference between revisions
Process traffic capture from remote device (view source)
Revision as of 06:48, 6 August 2024
, 6 August 2024no edit summary
No edit summary |
No edit summary |
||
| Line 48: | Line 48: | ||
In all examples, host and port number must be set according to the actual Allegro Network Multimeter device and the configured port number. | In all examples, host and port number must be set according to the actual Allegro Network Multimeter device and the configured port number. | ||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
| [[File:Process traffic capture from remote device1.png|1000px|none]] | |[[File:Process traffic capture from remote device1.png|1000px|none]] | ||
|} | |} | ||
=== Alternative tools === | ===Alternative tools=== | ||
The Allegro Network Multimeter also accepts plain pcap files on the configured port. | The Allegro Network Multimeter also accepts plain pcap files on the configured port. | ||
| Line 63: | Line 60: | ||
Example uses are: | Example uses are: | ||
* Processing a local pcap file: | *Processing a local pcap file: | ||
cat trace.pcap | netcat allegro-mm-abcd 1234 | cat trace.pcap | netcat allegro-mm-abcd 1234 | ||
* Live-capture via tcpdump: | *Live-capture via tcpdump: | ||
sudo tcpdump -i eth0 -s 0 -U -w /dev/stdout | netcat allegro-mm-abcd 1234 | sudo tcpdump -i eth0 -s 0 -U -w /dev/stdout | netcat allegro-mm-abcd 1234 | ||
==Remote capture via ERSPAN== | |||
The capturing tool also supports sending the packets as ERSPAN-wrapped packets. This mode is used with the `-e` flag (which needs an ERSPAN session ID as a parameter). If this mode is used, the port doesn't need to be specified anymore. | |||
sudo ./ap_capture_to_remote -e 123 1.2.3.4 | |||
In this mode, the [[ERSPAN Installation|endpopint mode for ERSPAN]] must be enabled and configured for the same IP as used in the ap_capture_to_remote command line argument. | |||