How can captured packets be saved as Wireshark-compatible files via the "tcpdump" command on the SBG3300?
Step 1 Establish a Telnet connection to the SBG3300. The default IP address is 192.168.1.1. Log in with the “admin” account, which can perform the packet capture.
Step 2 Enter the command "sh".
Step 3 Enter the command “tcpdump -i ‘interface name’ -w /var/tmp/‘file name’”.
In this example, the goal is to capture packets on the br0 interface and save them to a file named test001. Therefore, the command entered is “tcpdump -i br0 -w /var/tmp/test001”. Once the command is entered, packets on this interface are recorded.
Note: Use the "ifconfig" command to check the interface name.
Step 4 Once the packet capture is finished, press “ctrl-c” to stop the capture session.
Step 5 Access the corresponding folder where the packet capture file is saved. Enter the command “cd /var/tmp” to access the folder.
Step 6 Check whether the packet capture file is in the folder. Enter the “ls” command to check.
Step 7 Start the FileZilla application. Enter the IP address, username and password to access the SBG3300. On the remote side, enter the path where the packet capture file is saved, which is /var/tmp/ in this example. The file test001 is in the folder.
Step 8 Select a folder on the local side where the packet capture file will be saved. Right-click on the packet capture file and select “Download”.
Step 9 After the file is downloaded, change the file name in order to make it compatible with Wireshark. Add “.pcapng” following the original file name.
Step 10 The file should now be Wireshark compatible.
Verification
Open the file in Wireshark and check the captured packets.
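The check below is an added example, not part of the original procedure: it reads the downloaded file's magic number to tell which capture format the file actually contains and, for classic pcap, walks the packet records to detect a file that was cut short or damaged in transfer. The function name inspect_capture and the sample bytes are constructed for illustration.

```python
import struct
import sys

# First four bytes of the capture formats Wireshark reads: endianness, name.
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", "pcap (microsecond, little-endian)"),
    b"\xa1\xb2\xc3\xd4": (">", "pcap (microsecond, big-endian)"),
    b"\x4d\x3c\xb2\xa1": ("<", "pcap (nanosecond, little-endian)"),
    b"\xa1\xb2\x3c\x4d": (">", "pcap (nanosecond, big-endian)"),
}
PCAPNG_MAGIC = b"\x0a\x0d\x0d\x0a"  # pcapng Section Header Block type


def inspect_capture(data: bytes) -> dict:
    """Identify the capture format; for classic pcap, walk every record."""
    magic = data[:4]
    if magic == PCAPNG_MAGIC:
        return {"format": "pcapng"}
    if magic not in PCAP_MAGICS or len(data) < 24:
        raise ValueError("not a pcap or pcapng capture file")
    endian, name = PCAP_MAGICS[magic]
    # Global header after the magic: version, timezone, sigfigs, snaplen, linktype.
    major, minor, _tz, _sig, snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:24])
    offset, packets, truncated = 24, 0, False
    while offset < len(data):
        # Each record: 16-byte header (ts_sec, ts_frac, incl_len, orig_len) + data.
        if offset + 16 > len(data):
            truncated = True
            break
        incl_len = struct.unpack(endian + "IIII", data[offset:offset + 16])[2]
        if offset + 16 + incl_len > len(data):
            truncated = True
            break
        offset += 16 + incl_len
        packets += 1
    return {"format": name, "version": (major, minor), "snaplen": snaplen,
            "linktype": linktype, "packets": packets, "truncated": truncated}


# Constructed sample: little-endian pcap header (Ethernet) plus two 4-byte packets.
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + \
    2 * (struct.pack("<IIII", 0, 0, 4, 4) + b"\x00" * 4)

if __name__ == "__main__":
    # Pass the downloaded file's path (for example test001), or use the sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    print(inspect_capture(data))
```

A result with "truncated": True means the last record runs past the end of the file, so the capture should be transferred again before it is analysed.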