09-24-2013 05:43 AM
Hi all,
I have some problems with the tcpdump command/option.
When I start an tcpdump at the GUI nothing will happen. I didn't see any pcap files being created.
When I stop de capture and start an new capture via the CLI, I still didn't see any files being created.
When I use the command "debug dataplane packet-diag show setting" I see the capture is enabled and also that there is data being captured.
But when I want to view the files with "view-pcap filter-pcap <file>" I didn't see any files. I see the following error "tcpdump: /opt/panlogs/session/pan/filters/dr_temp: No such file or directory"
I am running since friday 13th september version 5.07, this is the first time I want to use the packet capture.
Thanks a lot,
Best Regards
Patrick Pater
CLI ouput:
admpatc@nwc-pan01(active)> debug dataplane packet-diag set filter match source 172.24.22.145 destination 206.221.218.106
admpatc@nwc-pan01(active)> debug dataplane packet-diag set filter on
debug packet filter: on
admpatc@nwc-pan01(active)> debug dataplane packet-diag set capture stage firewall file fw_temp
admpatc@nwc-pan01(active)> debug dataplane packet-diag set capture stage drop file dr_temp
admpatc@nwc-pan01(active)> debug dataplane packet-diag set capture on
Packet capture is enabled
admpatc@nwc-pan01(active)>
admpatc@nwc-pan01(active)>
admpatc@nwc-pan01(active)>
admpatc@nwc-pan01(active)> debug dataplane packet-diag show setting
DP 0:
--------------------------------------------------------------------------------
Packet diagnosis setting:
--------------------------------------------------------------------------------
Packet filter
Enabled: yes
Match pre-parsed packet: no
Index 1: 172.18.100.196[0]->172.19.0.172[0], proto 0
ingress-interface any, egress-interface any, exclude non-IP
Index 2: 172.19.0.172[0]->172.18.100.196[0], proto 0
ingress-interface any, egress-interface any, exclude non-IP
Index 3: 172.24.22.145[0]->206.221.218.106[0], proto 0
ingress-interface any, egress-interface any, exclude non-IP
--------------------------------------------------------------------------------
Logging
Enabled: no
Log-throttle: no
Sync-log-by-ticks: yes
Features:
Counters:
--------------------------------------------------------------------------------
Packet capture
Enabled: yes
Snaplen: 0
Stage receive : file rc_temp
Captured: packets - 175971894 bytes - -393362184
Maximum: packets - 0 bytes - 0
Stage firewall : file fw_temp
Captured: packets - 7 bytes - 1672
Maximum: packets - 0 bytes - 0
Stage transmit : file tr_temp
Captured: packets - 141006802 bytes - 1012398910
Maximum: packets - 0 bytes - 0
Stage drop : file dr_temp
Captured: packets - 0 bytes - 0
Maximum: packets - 0 bytes - 0
--------------------------------------------------------------------------------
DP 1:
--------------------------------------------------------------------------------
Packet diagnosis setting:
--------------------------------------------------------------------------------
Packet filter
Enabled: yes
Match pre-parsed packet: no
Index 1: 172.18.100.196[0]->172.19.0.172[0], proto 0
ingress-interface any, egress-interface any, exclude non-IP
Index 2: 172.19.0.172[0]->172.18.100.196[0], proto 0
ingress-interface any, egress-interface any, exclude non-IP
Index 3: 172.24.22.145[0]->206.221.218.106[0], proto 0
ingress-interface any, egress-interface any, exclude non-IP
--------------------------------------------------------------------------------
Logging
Enabled: no
Log-throttle: no
Sync-log-by-ticks: yes
Features:
Counters:
--------------------------------------------------------------------------------
Packet capture
Enabled: yes
Snaplen: 0
Stage receive : file rc_temp
Captured: packets - 131565138 bytes - 1029127097
Maximum: packets - 0 bytes - 0
Stage firewall : file fw_temp
Captured: packets - 735 bytes - 681271
Maximum: packets - 0 bytes - 0
Stage transmit : file tr_temp
Captured: packets - 139289247 bytes - 1629492578
Maximum: packets - 0 bytes - 0
Stage drop : file dr_temp
Captured: packets - 0 bytes - 0
Maximum: packets - 0 bytes - 0
--------------------------------------------------------------------------------
admpatc@nwc-pan01(active)> view-pcap filter-pcap tem
<No files available> Directory is empty
<Enter> Finish input
admpatc@nwc-pan01(active)> view-pcap filter-pcap dr
<No files available> Directory is empty
<Enter> Finish input
admpatc@nwc-pan01(active)> view-pcap filter-pcap dr_temp
tcpdump: /opt/panlogs/session/pan/filters/dr_temp: No such file or directory
admpatc@nwc-pan01(active)>
admpatc@nwc-pan01(active)>
admpatc@nwc-pan01(active)>
admpatc@nwc-pan01(active)>
admpatc@nwc-pan01(active)> view-pcap filter-pcap dr_temp
tcpdump: /opt/panlogs/session/pan/filters/dr_temp: No such file or directory
admpatc@nwc-pan01(active)>
admpatc@nwc-pan01(active)>
admpatc@nwc-pan01(active)>
