How can captured packets be saved as Wireshark-compatible files via the "tcpdump" command on the SBG3300?
Step 1 Establish a Telnet connection to the SBG3300. The default IP address is 192.168.1.1. Log in with the “admin” account, which is able to run the packet capture.
Step 2 Enter the command "sh".
Step 3 Enter the command “tcpdump -i ‘interface name’ -w /var/tmp/‘file name’”.
In this example, the goal is to capture packets on the br0 interface and save them to a file named test001. Therefore, the command entered is “tcpdump -i br0 -w /var/tmp/test001”. Once the command is entered, packets on this interface are recorded.
Note: Use "ifconfig" command to check the interface name.
Step 4 Once the packet capture is finished, press “ctrl-c” to stop the capture session.
Step 5 Access the corresponding folder where the packet capture file is saved. Enter the command “cd /var/tmp” to access the folder.
Step 6 Check whether the packet capture file is in the folder. Enter the “ls” command to check.
Step 7 Start the FileZilla application. Enter the IP address, username and password to access the SBG3300. On the remote side, enter the path where the packet capture file is saved, which is /var/tmp/ in this example. The file test001 is in the folder.
Step 8 Select a folder on the local side where the packet capture file will be saved. Right-click on the packet capture file and select “Download”.
Step 9 After the file is downloaded, change the file name in order to make it compatible with Wireshark. Append “.pcapng” to the original file name.
Step 10 The file should now be Wireshark compatible.
Verification
Open the file in Wireshark and check the captured packets.
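As an added example (not part of the original article), the Python script below checks the downloaded file before it is opened in Wireshark: it reads the header bytes to report which capture format the file is in, then walks the packet records to detect a file that ends mid-record. The function names and the two-packet sample are constructed for illustration; pass the path of the downloaded capture as the first argument to inspect a real file.

```python
import struct
import sys

# Header magics: classic pcap (the libpcap savefile format) and the pcapng
# Section Header Block type that starts every pcapng file.
PCAP_MAGICS = {0xA1B2C3D4: "pcap (microsecond)", 0xA1B23C4D: "pcap (nanosecond)"}
PCAPNG_BLOCK = b"\x0a\x0d\x0d\x0a"

def inspect_capture(data):
    """Report capture format, link type, packet count and mid-record truncation."""
    if data[:4] == PCAPNG_BLOCK:
        return {"format": "pcapng"}
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    for endian in ("<", ">"):  # the writer's byte order decides the magic
        magic = struct.unpack(endian + "I", data[:4])[0]
        if magic in PCAP_MAGICS:
            break
    else:
        raise ValueError("not a pcap or pcapng capture")
    _, major, minor, _, _, _, linktype = struct.unpack(endian + "IHHiIII", data[:24])
    offset, packets, truncated = 24, 0, False
    while offset < len(data):
        # Each record: 16-byte header (ts_sec, ts_frac, incl_len, orig_len) + data.
        if offset + 16 > len(data):
            truncated = True
            break
        incl_len = struct.unpack(endian + "IIII", data[offset:offset + 16])[2]
        if offset + 16 + incl_len > len(data):
            truncated = True
            break
        offset += 16 + incl_len
        packets += 1
    return {"format": PCAP_MAGICS[magic], "version": f"{major}.{minor}",
            "linktype": linktype, "packets": packets, "truncated": truncated}

def build_sample():
    """Constructed two-packet little-endian pcap, standing in for test001."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    frame = bytes(60)  # zero-filled placeholder for a minimum-size Ethernet frame
    record = struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return header + record * 2

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print(inspect_capture(fh.read()))
    else:
        print(inspect_capture(build_sample()))
```

A result with "truncated" set to True means the file ends partway through a packet record, for example because the transfer was incomplete.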