Question: How can I do some network troubleshooting?

 

  • TCPDump

    tcpdump -i [Network-Device] host [IP-Address]
    

    If you want to filter more specifically, e.g. on host and protocol, use this:

    tcpdump -i [Network-Device] -x 'ip host [hostname] and port http'
    

  • Ethereal
    Note that newer versions are called wireshark (the GUI-based tool) and tshark (the CLI-based tool) - replace where appropriate.

    tethereal -i [Network-Device]
    

    If you want to limit the capture to a specific IP address, e.g. your workstation IP, use the following:

    tethereal -i [Network-Device]  -R ip.addr==[IP-Address]
    

    If the webserver is running on a port other than 80, tell ethereal which TCP port to interpret as HTTP traffic with the following:

    tethereal -i [Network-Device]  -d tcp.port==[Port-Nr],http -R ip.addr==[IP-Address]
    

    Another easy way to filter is:

    tethereal -i [Network-Device] host [host-IP] and port [Port-Nr.]
    

    If you want to dump the output to a file, append -w output.dump to these commands. All data is then written to that file, which you can open later with ethereal for analysis.

  • IPtraf - provides an easy way to identify non-clean traffic. This means that even if tethereal and tcpdump show you some data, iptraf will not show a packet count increase when the traffic is not clean, e.g. with a wrongly set up VLAN (unidirectional traffic, missing parts of the TCP/IP traffic messages, etc.).

  • If you have HTTPS traffic to monitor, you can use ssldump to have a look at it. This troubleshooting method is also very useful when you see loads of SSL decode errors. Try the following:

    ssldump -ni eth1 -d -k [pem-key] host [host-ip]
    

  • Another very useful approach is to tunnel the traffic from your workstation into an internal machine, so that you have a specific IP address to filter on in the advanced recorder. This can be done by using ssh in tunnel mode from your local machine (note that you'll need a local CLI-based ssh client on the workstation you are working from):

    ssh -L [client-IP]:[client-Port]:[remote-IP]:[remote-port] [user]@[internal-machine]
    

    Once done, connect to the application using http://localhost:[client-port]
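
The unidirectional-traffic symptom mentioned under IPtraf can also be checked in the text output of tcpdump. The script below is an added example, not part of the original FAQ: it assumes the IPv4 line format printed by `tcpdump -nn`, the helper names `sample_capture` and `one_way_flows` are hypothetical, and the capture lines are constructed sample data.

```shell
#!/bin/sh
# Added example: list flows seen in one direction only in the text output
# of "tcpdump -nn" (IPv4 line format assumed).

# Constructed sample capture (documentation addresses, not real traffic).
sample_capture() {
cat <<'EOF'
09:43:36.100001 IP 192.0.2.10.51514 > 198.51.100.5.80: Flags [S], seq 1000, win 64240, length 0
09:43:36.100950 IP 198.51.100.5.80 > 192.0.2.10.51514: Flags [S.], seq 2000, ack 1001, win 65160, length 0
09:43:36.101020 IP 192.0.2.10.51514 > 198.51.100.5.80: Flags [.], ack 1, win 502, length 0
09:43:37.200001 IP 192.0.2.10.51620 > 198.51.100.9.8080: Flags [S], seq 3000, win 64240, length 0
09:43:38.200450 IP 192.0.2.10.51620 > 198.51.100.9.8080: Flags [S], seq 3000, win 64240, length 0
09:43:40.200900 IP 192.0.2.10.51620 > 198.51.100.9.8080: Flags [S], seq 3000, win 64240, length 0
EOF
}

# one_way_flows (hypothetical helper): reads tcpdump text on stdin and prints
# "<packets> <src.port> > <dst.port>" for every flow without a reply packet.
one_way_flows() {
    awk '
        $2 == "IP" && $4 == ">" {
            src = $3
            dst = $5
            sub(/:$/, "", dst)      # tcpdump appends ":" to the destination
            count[src " " dst]++
        }
        END {
            for (key in count) {
                split(key, ep, " ")
                rev = ep[2] " " ep[1]
                # One-way: the reversed address pair was never captured.
                if (!(rev in count))
                    print count[key], ep[1], ">", ep[2]
            }
        }
    ' | sort
}

sample_capture | one_way_flows
```

To run it against a saved dump, pipe `tcpdump -nn -r output.dump` into `one_way_flows`; the retransmitted SYN without any answer in the sample is what a one-way path typically looks like from the client side.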

 

Entered by smurphy on Tuesday, 21 October 2008 @ 09:43:36  
Linux General - Common Linux problems, # Hits: 95489
© J. Mertin smurphy(-AT-)solsys(-DOT-)org 