![]() ![]() Note1: dp0p224p1 is the interface on which we capture the traffic. You can use tshark to read your packet capture: ![]() Capture packets based on multilpe IPs and Protocol/Port.Capture packets based on IP and Protocol/Port.Tshark -f “ udp port 53” -i dp0p224p1 -w /tmp/capture.pcap Tshark -f “ tcp port 1401” -i dp0p224p1 -w /tmp/capture.pcap Capture packet based on source or destination IP.Here I show you a few real world example for tshark capture filter, which hope can save you a bit of time. To capture your interested traffic and remove unnessary nosiy traffic, you need to use the capture filter when you perform the packet capture. Vyatta 5600 provides Tshark as the packet capture tool. ![]()
0 Comments
Leave a Reply. |