09-04-2002
In Unix/Linux you can use: tcpdump, ethereal, iptraf...
tcpdump: installed by default with any version of Unix
LEARN ABOUT FREEBSD
if_enc
ENC(4) BSD Kernel Interfaces Manual ENC(4)
NAME
enc -- Encapsulating Interface
SYNOPSIS
To compile this driver into the kernel, place the following line in your kernel configuration file:
      device enc
DESCRIPTION
The enc interface is a software loopback mechanism that allows hosts or firewalls to filter ipsec(4) traffic using any firewall package that
hooks in via the pfil(9) framework.
The enc interface allows an administrator to see incoming and outgoing packets before and after they will be or have been processed by
ipsec(4) via tcpdump(1).
The ``enc0'' interface inherits all IPsec traffic. Thus all IPsec traffic can be filtered based on ``enc0'', and all IPsec traffic could be
seen by invoking tcpdump(1) on the ``enc0'' interface.
What can be seen with tcpdump(1) and what will be passed on to the firewalls via the pfil(9) framework can be independently controlled using
the following sysctl(8) variables:
      Name                              Defaults      Suggested
      net.enc.out.ipsec_bpf_mask        0x00000003    0x00000001
      net.enc.out.ipsec_filter_mask     0x00000001    0x00000001
      net.enc.in.ipsec_bpf_mask         0x00000001    0x00000002
      net.enc.in.ipsec_filter_mask      0x00000001    0x00000002
For the incoming path a value of 0x1 means ``before stripping off the outer header'' and 0x2 means ``after stripping off the outer header''.
For the outgoing path 0x1 means ``with only the inner header'' and 0x2 means ``with outer and inner headers''.
          incoming path                                    |------|
    ---- IPsec processing ---- (before) ---- (after) ----> |      |
                                                           | Host |
    <--- IPsec processing ---- (after) ----- (before) ---- |      |
          outgoing path                                    |------|
Most people will want to run with the suggested defaults for ipsec_filter_mask and rely on the security policy database for the outer headers.
EXAMPLES
To see the packets processed via ipsec(4), adjust the sysctl(8) variables according to your needs and run:
      tcpdump -i enc0
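The following is an added example, not part of the manual page: a small sh script that decodes the four net.enc masks using the bit meanings given in DESCRIPTION and flags values that differ from the Suggested column. The function names are hypothetical and the sample input is constructed from the Defaults column; it assumes sysctl prints each variable as "name: value".

```shell
#!/bin/sh
# Added example: audit net.enc.* masks against the "Suggested" column of enc(4).

# Print the tap points a mask selects. $1 = in|out, $2 = mask (hex or decimal).
describe_mask() {
    mask=$(( $2 ))
    case $1 in
        in)  bit1="before stripping off the outer header"
             bit2="after stripping off the outer header" ;;
        out) bit1="with only the inner header"
             bit2="with outer and inner headers" ;;
        *)   echo "unknown direction"; return 0 ;;
    esac
    desc=""
    if [ $(( mask & 1 )) -ne 0 ]; then desc=$bit1; fi
    if [ $(( mask & 2 )) -ne 0 ]; then desc="${desc:+$desc + }$bit2"; fi
    echo "${desc:-nothing}"
}

# Suggested value from the man page table; fails for names not in the table.
suggested_for() {
    case $1 in
        net.enc.out.ipsec_bpf_mask|net.enc.out.ipsec_filter_mask) echo 1 ;;
        net.enc.in.ipsec_bpf_mask|net.enc.in.ipsec_filter_mask)   echo 2 ;;
        *) return 1 ;;
    esac
}

# Read "name: value" lines on stdin and report each mask; other lines are skipped.
audit_enc() {
    while IFS=': ' read -r name value; do
        want=$(suggested_for "$name") || continue
        dir=${name#net.enc.}; dir=${dir%%.*}
        case $name in
            *bpf_mask) who="tcpdump" ;;   # what bpf(4) consumers see
            *)         who="firewall" ;;  # what pfil(9) hooks see
        esac
        if [ $(( $value )) -eq "$want" ]; then tag=OK; else tag=DIFF; fi
        printf '%-4s %s=0x%x (suggested 0x%x): %s sees: %s\n' "$tag" "$name" \
            "$(( $value ))" "$want" "$who" "$(describe_mask "$dir" "$value")"
    done
}

# Constructed sample input: the "Defaults" column of the table above.
# On a FreeBSD host with the enc device: sysctl net.enc | audit_enc
audit_enc <<'EOF'
net.enc.out.ipsec_bpf_mask: 0x00000003
net.enc.out.ipsec_filter_mask: 0x00000001
net.enc.in.ipsec_bpf_mask: 0x00000001
net.enc.in.ipsec_filter_mask: 0x00000001
EOF
```

A DIFF line on an ipsec_filter_mask variable means the firewall rules on enc0 are matching a different header than the suggested setup assumes, so review those rules before changing the mask.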
SEE ALSO
tcpdump(1), bpf(4), ipf(4), ipfw(4), ipsec(4), pf(4), tcpdump(8)
BSD
November 28, 2007 BSD