Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] What options are available when configuring snoop?

0

0

Article ID: KB6586 KB Last Updated: 18 May 2020Version: 8.0
Summary:

This article details what options are available when configuring snoop in ScreenOS.

 

Symptoms:

Symptoms & Errors:

  • A snoop capture isn't gathering the data I need

  • How do I set the detail length?

 

Solution:

The snoop command has a list of options/settings that are different from the debug options/settings.

Note: Flow filters (set ff commands) apply to the debug flow capture, and they do not apply to the snoop capture.

The snoop options available for your release are viewable via the following CLI command:

snoop ?

This will produce a list similar to the following:

Parameter

Description

snoop

Starts the snoop capture

snoop ?

Provides a list of top-level options:

detail   snoop detail configuration
filter   snoop filter configuration
info     show snoop information
off      turn off snoop
tunnel   snoop tunnel traffic configuration
snoop detail ?

To set the packet length to display, use the len option

len      snoop detail length
off      turn off snoop detail

<number> packet length to display (range: 1 - 1514) 
snoop filter ? 

Filter options allow the setting of the IP source, destination, and/or port; setting the filter direction, interface, etc.

cisco-hdlc   snoop cisco hdlc protocol packet
delete       delete snoop filter
ethernet     snoop specified ethernet
frame-relay  snoop frame relay protocol and multilink fragment packet
id           snoop filter id
ip           snoop ip packet
off          turn off snoop filter
on           turn on snoop filter
ppp          snoop ppp protocol and multilink fragment packet
tcp          snoop tcp packet
tunnel       snoop filter tunnel traffic
udp          snoop udp packet
snoop filter ip ?

IP Filter options:

direction      snoop direction
dst-ip         snoop filter dst ip
dst-port       snoop filter dst port
interface      interface name
ip-proto       snoop filter ip proto
port           src or dst port
src-ip         snoop filter src ip
src-port       snoop filter src port
<IPv4 Address> IPv4 Address
offset         ip offset
snoop filter ethernet ?

Ethernet Filter options:

arp            snoop arp packet
direction      snoop direction
interface      interface name
nsrp           snoop nsrp packet
vlan           snoop vlan packet
<number >      snoop specified ethernet type
except         snoop all but the specified ethernet type
offset         ethernet offset
snoop info

Provides details about the snoop settings that have been configured.

Snoop: OFF
Filters Defined: 0, Active Filters 0
Detail: OFF, Detail Display length: 1514
Snoop tunnel traffic: ON

 

Modification History:

2020-04-18: Content reviewed and found to be valid and useful; missing output for snoop options added

 

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search