Ethereal-dev: Re: [Ethereal-dev] Cisco undocumented comand for capturing IP packets

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Ashok Narayanan <ashokn@xxxxxxxxx>
Date: Mon, 16 Oct 2000 13:02:23 -0400
> Ashok Narayanan wrote:
> 
> > I don't believe there is one. Internally we do use "debug ip packet"
> > for some debugging scenarios, but if we want to capture or generate
> > packets we have to boot a special internal image.
> > 
> > -Ashok
> > 
> > --- Asok the Intern ----------------------------------------
> 
> Hum, this sounds very interesting.
> 
> And booting such a special internal image, would allow to capture raw
> data on some interface (WAN,LAN or whatsoever) and put that data on a
> tftp/ftp/some server for future analysis ?

Yeah, you can set up a memory buffer to capture packets into. You can
then write those packets into a TFTP server. Unfortunately Cisco does
not make this functionality available to customers.

> I am asking you this because I want to study the WAN/LAN protocols in
> detail and I do not have money to buy a WAN protocol analyzer.
> For instance, how should I capture raw HDLC/LAPD/FrameRelay/a.s.o
> protocols for study ?

It's a tough one. I don't really know of a good way, unless you can
somehow get Frame Relay or PPP encap to run point-to-point from your
PC to a serial interface on your router. You could then grab all the
packets from the PC end.

-Ashok



--- Asok the Intern ----------------------------------------
Ashok Narayanan
IOS Network Protocols, Cisco Systems
250 Apollo Drive, Chelmsford, MA 01824
Ph: 978-244-8387.  Fax: 978-244-8126 (Attn: Ashok Narayanan)

                       "31337 h4x0r d00dz r00lz" - Anonymous