In production environments, packet-capturing tools such as Wireshark are usually not installed. In such scenarios, the system's default capture tool can be used instead, such as tcpdump (on Linux systems) or snoop (the Solaris default); the captured file can later be opened in Wireshark for analysis.
For example, the following table shows how to check packets from interfaces:
Description | Solaris | Linux |
---|---|---|
How to check packets from all interfaces | | |
How to capture with hostname | | |
How to write the captured information to a file | | |
How to capture packets between | | |
How to capture traffic with verbose output to screen | | Very Verbose |
How to capture the IPv6 traffic | | |
How to capture protocols | | |
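The following is an added example, not part of the original page: a POSIX shell helper that assembles a tcpdump command for the Linux case described above, writing to a size-limited ring of files that can later be opened in Wireshark. The function name, the `CAP_*` variables, the output path and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Builds, but does not run, a
# tcpdump command for a production Linux host. All names are hypothetical.
#
# usage: build_capture_cmd IFACE OUTFILE [FILTER WORDS...]
build_capture_cmd() {
    [ $# -ge 2 ] || { echo "usage: build_capture_cmd IFACE OUTFILE [FILTER...]" >&2; return 2; }
    iface=$1
    outfile=$2
    shift 2

    # Accept only plain interface names ("any" means all interfaces on Linux).
    case $iface in
        ''|*[!A-Za-z0-9._:-]*) echo "invalid interface: $iface" >&2; return 2 ;;
    esac
    # The printed command is meant to be pasted into a root shell, so keep the
    # path and every filter word free of shell metacharacters. This narrows the
    # filter to simple expressions such as "host A and port N".
    case $outfile in
        ''|*[!A-Za-z0-9._/-]*) echo "invalid output path: $outfile" >&2; return 2 ;;
    esac
    for word in "$@"; do
        case $word in
            ''|*[!A-Za-z0-9._:/-]*) echo "invalid filter word: $word" >&2; return 2 ;;
        esac
    done
    filter=$*

    # Size limits must be plain numbers.
    snaplen=${CAP_SNAPLEN:-96}        # bytes kept per packet; 0 keeps whole packets
    file_mb=${CAP_FILE_MB:-100}       # -C unit is millions of bytes
    file_count=${CAP_FILE_COUNT:-5}   # number of files in the ring
    for n in "$snaplen" "$file_mb" "$file_count"; do
        case $n in
            ''|*[!0-9]*) echo "limits must be numeric: $n" >&2; return 2 ;;
        esac
    done

    # -n: no name resolution; -s: snap length; -C/-W: rotate through a fixed
    # number of files so the capture cannot fill the disk (tcpdump appends a
    # number to OUTFILE for each file); -w: write raw packets for Wireshark.
    cmd="tcpdump -i $iface -n -s $snaplen -C $file_mb -W $file_count -w $outfile"
    [ -n "$filter" ] && cmd="$cmd '$filter'"
    printf '%s\n' "$cmd"
}

# Constructed sample: traffic between two documentation addresses, all interfaces.
build_capture_cmd any /var/tmp/prod.pcap host 192.0.2.10 and host 192.0.2.20
```

The printed command still has to be run with capture privileges on the host; the resulting files open directly in Wireshark.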