2 Replies. Latest reply: Mar 9, 2012 7:23 AM by 918007

    TCP dumps

    918007
      How can we pull the TCP dumps from a server or capture the packets of a server?
        • 1. Re: TCP dumps
          SteveS
          tcpdump is not part of the Solaris distribution but can be downloaded from the Internet from sites such as http://www.sunfreeware.com/
          There's also Wireshark, which you can either compile from source or download as pre-built packages from http://www.sunfreeware.com/

          Solaris does come with a packet capture tool called snoop(1M), so read the man page to understand how to use it. The syntax is very similar to tcpdump and Wireshark.
          System Administration Commands                          snoop(1M)
          
          NAME
               snoop - capture and inspect network packets
          
          SYNOPSIS
               snoop [-aqrCDINPSvV] [-t [r | a | d]] [-c maxcount]
                [-d device] [-i filename] [-n filename] [-o filename]
                [-p first [, last]] [-s snaplen] [-x offset [, length]]
                [expression]
          HTH
          Steve
          • 2. Re: TCP dumps
            918007
            Thank you for the info.