Post 302361838 by otheus on Wednesday 14th of October 2009 07:55:37 AM
Capturing bad packets

Hello,

SNMP reports from my Linux server a large number of "ipInAddrErrors" on several of my systems. According to one description, these packets are discarded datagrams due to:
Quote:
the IP address in their IP header's destination field was not a valid address to be received at this entity. ... For entities which are not IP Gateways and therefore do not forward datagrams, this counter includes datagrams discarded because the destination address was not a local address.
How do I determine what packets these are? Can tcpdump help? If so, can anyone suggest a filter?
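
One way to turn the quoted definition into a capture filter, as an added example that is not part of the original post: it builds a tcpdump expression matching IPv4 datagrams whose destination is none of the host's own addresses. The `build_filter` and `sample_addrs` names, the sample addresses and the `eth0` interface are assumptions, and excluding broadcast and multicast is a noise-reduction choice, not something the counter definition states.

```shell
#!/bin/sh
# Added example (not from the original post): build a tcpdump filter for IPv4
# datagrams whose destination is none of this host's addresses.

# build_filter reads `ip -o -4 addr show` output on stdin and prints the filter.
build_filter() {
    awk '
        function add(x) { if (!(x in seen)) { seen[x] = 1; skip[++n] = x } }
        BEGIN { add("255.255.255.255") }        # limited broadcast is accepted locally
        $3 == "inet" {
            split($4, a, "/"); add(a[1]); k++   # address without the prefix length
            for (i = 5; i < NF; i++)            # subnet broadcast, when one is set
                if ($i == "brd") add($(i + 1))
        }
        END {
            if (k == 0) { print "no IPv4 address in input" > "/dev/stderr"; exit 1 }
            f = "ip and not ip multicast"
            for (i = 1; i <= n; i++) f = f " and not dst host " skip[i]
            print f
        }'
}

# Constructed sample of `ip -o -4 addr show` output (documentation addresses).
sample_addrs() {
cat <<'EOF'
1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth0\       valid_lft forever preferred_lft forever
2: eth0    inet 192.0.2.11/24 scope global secondary eth0\       valid_lft forever preferred_lft forever
EOF
}

# Print the filter for the constructed sample.
sample_addrs | build_filter

# On a live host (as root; eth0 is an assumed interface name):
#   tcpdump -n -e -i eth0 "$(ip -o -4 addr show | build_filter)"
```

With `-e`, tcpdump prints the link-level header, so the source MAC address of each stray datagram shows which neighbour is sending it.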
 

PFLOG(4)                 BSD Kernel Interfaces Manual                 PFLOG(4)

NAME
     pflog -- packet filter logging interface

SYNOPSIS
     device pflog

DESCRIPTION
     The pflog interface is a pseudo-device which makes visible all packets
     logged by the packet filter, pf(4). Logged packets can easily be
     monitored in real time by invoking tcpdump(1) on the pflog interface, or
     stored to disk using pflogd(8).

     The pflog0 interface is created automatically at boot if both pf(4) and
     pflogd(8) are enabled; further instances can be created using
     ifconfig(8).

     Each packet retrieved on this interface has a header associated with it
     of length PFLOG_HDRLEN. This header documents the address family,
     interface name, rule number, reason, action, and direction of the packet
     that was logged. This structure, defined in <net/if_pflog.h>, looks like

           struct pfloghdr {
                   u_int8_t        length;
                   sa_family_t     af;
                   u_int8_t        action;
                   u_int8_t        reason;
                   char            ifname[IFNAMSIZ];
                   char            ruleset[PF_RULESET_NAME_SIZE];
                   u_int32_t       rulenr;
                   u_int32_t       subrulenr;
                   uid_t           uid;
                   pid_t           pid;
                   uid_t           rule_uid;
                   pid_t           rule_pid;
                   u_int8_t        dir;
                   u_int8_t        pad[3];
           };

EXAMPLES
     Create a pflog interface and monitor all packets logged on it:

           # ifconfig pflog1 up
           # tcpdump -n -e -ttt -i pflog1

SEE ALSO
     tcpdump(1), inet(4), inet6(4), netintro(4), pf(4), ifconfig(8), pflogd(8)

HISTORY
     The pflog device first appeared in OpenBSD 3.0.

BSD                            December 10, 2001                           BSD