You can change this so it shows an actual timestamp.īrierley-FW01 # diagnose sniffer packet any "icmp" 4 0 l I also get the timestamp right at the beginning which is by default relative to the time you started sniffing, so in my case, it was 2.216830 seconds after I entered the command that I received the echo request. This makes sense as I a pinging the interface itself. So with the verbose 4 flag I can see the request is coming in on port 2 (The icmp echo request) and the reply is being sent out via port 2. Other options are a or l, a for absolute time and l for local time. Timestamp format – The format for timestamp, by default it is the number in seconds and milliseconds from when you started the capture to when the displayed packet is recieved on the listening interface. Verbose level – This can be a number between 1 and 6 and is defined as follows:Ģ: print header and data from ip of packetsģ: print header and data from ethernet of packets (if available)Ĥ: print header of packets with interface nameĥ: print header and data from ip of packets with interface nameĦ: print header and data from ethernet of packets (if available) with intf nameĬount – limit of packets you want to count, when this number is reached sniffer will stop, use 0 for unlimited Options – The tcpdump filter options you want to use, these must be surrounded by double or single quotes Interface – The actual interface you want the sniffer to run on or capture packets on, you can use the word any for all interfaces or specify the name of the interface All flags / options apart from interface are optional
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |