Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Junos Content Encore (formerly MFC)] how to use tcpdump to capture specific packets from existing traffic flows

0

0

Article ID: KB23815 KB Last Updated: 04 Mar 2017Version: 3.0
Summary:
This article provides information on how to use tcpdump to capture specific packets from existing traffic flows.
Symptoms:
How to use tcpdump to capture specific packets from existing traffic flows.
Cause:

Solution:
A JCE is built on the Linux platform. You can use underlying tools of the Linux platform to troubleshoot many issues. One of the tools that you can use to capture traffic is tcpdump. To use this tool in JCE, you should have an access to the enable mode.
VXA2010-1 > enable > Issue enable to get into enable mode.
VXA2010-1#tcpdump <options>
The following tables list the option that you can use to obtain the correct output:

Command Line options:


   
You can also modify the capture by using the following filters:

Capture Filter Primitives:

 

The following protocols are supported in tcpdump:

  • ARP

  • IP6

  • Slip

  • Ether

  • Link

  • TCP

  • DDI

  • PPP

  • TR

  • ICMP

  • Radio

  • UDP

  • IP

  • RARP

  • WLAN

The following modifiers can be used:

  • ! or not

  • && or and

  • || or or


The following TCP flags can be used:

  • tcp-urg

  • tcp-rst

  • tcp-ack

  • tcp-syn

  • tcp-psh

  • tcp-fin

The following examples are good references on how to use tcpdump:

  • Tcpdump udp dst port no 53

  • Tcpdump host 10.0.0.1 && host 10.0.02

  • Tcpdump dst port 80 or 8080
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search