Example Filters For Capturing Data Traffic - Digi IX10 User Manual

Diagnostics

Example filters for capturing data traffic

The following are examples of filters using Berkeley Packet Filter (BPF) syntax for capturing several
types of network data. See https://biot.com/capstats/bpf.html for detailed information about BPF
syntax.

Example IPv4 capture filters

Capture traffic to and from IP host 192.168.1.1:
    ip host 192.168.1.1

Capture traffic from IP host 192.168.1.1:
    ip src host 192.168.1.1

Capture traffic to IP host 192.168.1.1:
    ip dst host 192.168.1.1

Capture traffic for a particular IP protocol:
    ip proto protocol
where protocol is a number in the range of 1 to 255 or one of the following keywords: icmp,
icmp6, igmp, pim, ah, esp, vrrp, udp, or tcp.

Capture traffic to and from TCP port 80:
    ip proto tcp and port 80

Capture traffic to UDP port 53:
    ip proto udp and dst port 53

Capture traffic from UDP port 53:
    ip proto udp and src port 53

Capture traffic to and from IP host 10.0.0.1 but filter out ports 22 and 80:
    ip host 10.0.0.1 and not (port 22 or port 80)

Example Ethernet capture filters

Capture Ethernet packets to and from a host with a MAC address of 00:40:D0:13:35:36:
    ether host 00:40:D0:13:35:36

Capture Ethernet packets from host 00:40:D0:13:35:36:
    ether src 00:40:D0:13:35:36

Capture Ethernet packets to host 00:40:D0:13:35:36:
    ether dst 00:40:D0:13:35:36
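
What two of the IPv4 filters above select, `ip host 10.0.0.1 and not (port 22 or port 80)` and `ip proto udp and dst port 53`, shown as an added Python example that is not part of the Digi manual. The frames are constructed test data and the helper names (build_frame, parse, ip_host, port) are hypothetical; the predicates are evaluated by hand rather than by a BPF engine.

```python
import socket
import struct

def build_frame(src_ip, dst_ip, proto, sport, dport,
                src_mac="00:40:D0:13:35:36", dst_mac="02:00:00:00:00:01"):
    """Constructed Ethernet/IPv4 frame carrying a TCP (6) or UDP (17) port pair."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    eth = mac(dst_mac) + mac(src_mac) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip + struct.pack("!HH", sport, dport) + b"\x00" * 4

def parse(frame):
    """Extract the fields that the example filters test."""
    pkt = {"ether_dst": frame[0:6], "ether_src": frame[6:12]}
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return pkt                      # not IPv4: no 'ip ...' primitive can match
    ihl = (frame[14] & 0x0F) * 4        # IPv4 header length in bytes
    pkt["proto"] = frame[23]
    pkt["src"] = socket.inet_ntoa(frame[26:30])
    pkt["dst"] = socket.inet_ntoa(frame[30:34])
    frag_offset = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
    if pkt["proto"] in (6, 17) and frag_offset == 0:
        l4 = 14 + ihl                   # ports exist only in the first fragment
        pkt["sport"], pkt["dport"] = struct.unpack("!HH", frame[l4:l4 + 4])
    return pkt

def ip_host(pkt, addr):
    # 'ip host' without src/dst matches either direction
    return addr in (pkt.get("src"), pkt.get("dst"))

def port(pkt, n):
    # 'port' without src/dst matches source or destination port
    return n in (pkt.get("sport"), pkt.get("dport"))

def host_without_ssh_http(frame):
    """ip host 10.0.0.1 and not (port 22 or port 80)"""
    pkt = parse(frame)
    return ip_host(pkt, "10.0.0.1") and not (port(pkt, 22) or port(pkt, 80))

def udp_to_53(frame):
    """ip proto udp and dst port 53"""
    pkt = parse(frame)
    return pkt.get("proto") == 17 and pkt.get("dport") == 53
```

The unqualified `host` and `port` primitives are bidirectional, so the exclusion in the first filter drops a reply sent from port 80 just as it drops a request to port 80, while `dst port 53` captures DNS queries but not the responses.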
