Effective Use of packet-trace Command
Hello.
Have a 6300 SBC Installed.
No server setup to fork traces to.
Use the "packet-trace local <net_int_name:vlan>" to capture the trace locally, retrieve via sftp.
QUESTIONS
1. What syntax/cmd can I use to capture filter only traffic from a specific session agent?
I tried;
packet-trace local <net_int_name:vlan> "-i net 10.4.3.2"
& other manipulations, SBC returned error stating dumpcap syntax. Don't know how to use it, please give me a clue.
2. At present, to get simultaneous trace at both the trusted and untrusted sides, I capture on two separate putty sessions then merge both captures with wireshark. Is there a command that I can use to capture in just one putty session? ( also, once a capture starts, I can't do use ACLI until ctr+c to end capture. Use & like this "packet-trace local <net_int_name:vlan> &" and couldn't find any running session to kill. How do I move running sessions to the background and bring it to foreground?
Have a 6300 SBC Installed.
No server setup to fork traces to.
Use the "packet-trace local <net_int_name:vlan>" to capture the trace locally, retrieve via sftp.
QUESTIONS
1. What syntax/cmd can I use to capture filter only traffic from a specific session agent?
I tried;
packet-trace local <net_int_name:vlan> "-i net 10.4.3.2"
& other manipulations, SBC returned error stating dumpcap syntax. Don't know how to use it, please give me a clue.
2. At present, to get simultaneous trace at both the trusted and untrusted sides, I capture on two separate putty sessions then merge both captures with wireshark. Is there a command that I can use to capture in just one putty session? ( also, once a capture starts, I can't do use ACLI until ctr+c to end capture. Use & like this "packet-trace local <net_int_name:vlan> &" and couldn't find any running session to kill. How do I move running sessions to the background and bring it to foreground?
Tagged:
0