AIX

  • 1.  Capture Network Packets from AIX

    Posted Wed January 07, 2009 09:22 AM

    Originally posted by: SystemAdmin


    Hi,

    I am using smitty to create and configure a print queue. I am sending a print of a text file to the print queue created. I am using this over the network.
    How can I capture the network packets of the print from AIX to the printer and from the printer to AIX?

    I tried Wireshark to capture network packets.
    I am able to get only the 'ack' packets that have been sent from the printer to AIX.
    I want to capture network packets from both sides.

    I tried this using a 10Mbps hub with a Windows PC with Wireshark installed, AIX and the printer.
    But if I connect only these 3 using the 10Mbps hub, I am not able to ping from AIX to Windows or the printer.

    Please help.
    #AIX-Forum


  • 2.  Re: Capture Network Packets from AIX

    Posted Wed January 07, 2009 09:26 AM

    Originally posted by: tony.evans


    On your AIX server,

    man iptrace
    #AIX-Forum


  • 3.  Re: Capture Network Packets from AIX

    Posted Tue January 13, 2009 06:31 AM

    Originally posted by: SystemAdmin


    Hi,

    Thanks for the reply.

    I used the commands below to capture network packets.

    /usr/sbin/iptrace -a -i en0 iptrace.out &
    ipreport -r -s iptrace.out >/ipreport.network

    And I could see the network packets captured to and fro between AIX and the printer.

    Actually I want to print from AIX to the printer and capture the packets that have been sent from AIX and the ack received from the printer.
    I am able to get both through the iptrace command.

    Actually I want to capture it in Wireshark (both to and fro packets).
    Wireshark is capturing more TCP data than iptrace, but the only issue is that I am getting only ack packets from the printer.
    Please help with how to get both to and fro packets transformation from AIX,
    or the iptrace command to list complete details of the TCP packets.

    Thanks,
    #AIX-Forum


  • 4.  Re: Capture Network Packets from AIX

    Posted Wed January 14, 2009 05:31 AM

    Originally posted by: hdkutz


    Hello,
    perhaps
    tcpdump
    is the right solution for your needs.
    E.g.:
    tcpdump -I -i en? host YOUR_PRINTER_DNS_NAME_OR_IP
    means:
    -I = capture the data immediately
    -i = which interface to use
    host = which hostname should be monitored
    tcpdump is available from the aixtoolbox. It is also possible to put the output in a file. You could import the result into Wireshark.
    The man page will give you an explanation of all command switches.

    Cheers,
    ku
    #AIX-Forum


  • 5.  Re: Capture Network Packets from AIX

    Posted Thu January 15, 2009 06:50 AM

    Originally posted by: SystemAdmin


    Hi,
    Thanks for the reply.

    If I execute that command, the following error message is displayed.

    tcpdump: BIOCSETIF: en0: Do not specify an existing file.

    Please help me out in solving the error.

    After capturing the data with the commands below, I am using the ipreport command to redirect it. I am not able to open this in Wireshark as explained in http://www.wireshark.org/docs/man-pages/wireshark.html.

    /usr/sbin/iptrace -a -i en0 iptrace.out &
    ipreport -r -s iptrace.out >/ipreport.network
    #AIX-Forum


  • 6.  Re: Capture Network Packets from AIX

    Posted Thu January 15, 2009 08:31 AM

    Originally posted by: hdkutz


    Hello,
    http://archive.rootvg.net/cgi-bin/anyboard.cgi/aix?cG=83530363&cmd=get&gV=0&p=&v=2&zu=38353036
    http://www.ibm.com/developerworks/forums/thread.jspa?threadID=128944
    Maybe another application uses the same hooks tcpdump uses.
    Are you sure that the iptrace command(s) is (are) stopped on your machine?
    Did you stop the trace with something like
    stopsrc -s iptrace
    (only if started via the SRC subsystem)
    or the
    http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp?topic=/com.ibm.aix.cmds/doc/aixcmds5/trcstop.htm
    trcstop command?

    Cheers,
    ku
    #AIX-Forum


  • 7.  Re: Capture Network Packets from AIX

    Posted Thu January 15, 2009 11:10 PM

    Originally posted by: SystemAdmin


    Hi,

    Thank you all for your support.

    I am able to capture all network packets using the commands below.

    1. startsrc -s iptrace -a "-i en1 /home/testing/iptrace/iptracelog"
    2. print
    3. stopsrc -s iptrace

    Ref: http://www.ibm.com/developerworks/aix/library/au-aixoptimization-netperform3/index.html

    I am also able to view the captured file using Wireshark.

    Thank you all...
    #AIX-Forum
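
The start/print/stop sequence from post 7, as an added example that is not part of the original thread: it limits the trace to traffic to and from the printer with iptrace's -d and -b flags, and refuses to start while an iptrace is already active, the condition asked about in post 6. The interface, printer host, log file, queue, file and wait time are caller-supplied placeholders, and `lp -d` is an assumed stand-in for the unspecified "print" step.

```shell
#!/bin/sh
# Added example, not from the thread. Interface, printer host, queue and
# file names are placeholders supplied by the caller.

# iptrace flags: -a suppress ARP, -i interface, -d HOST limits the trace
# to packets destined for HOST, -b makes that filter bidirectional.
iptrace_args() {
    printf '%s' "-a -b -i $1 -d $2 $3"
}

# Succeeds if an iptrace is already active, under SRC or started by hand.
iptrace_running() {
    lssrc -s iptrace 2>/dev/null | grep -qw active && return 0
    ps -e -o comm= 2>/dev/null | grep -qx iptrace
}

# capture_print_job IFACE PRINTER_HOST LOGFILE QUEUE FILE [WAIT_SECONDS]
capture_print_job() {
    iface=$1 host=$2 log=$3 queue=$4 file=$5 wait=${6:-30}
    if iptrace_running; then
        echo "iptrace is already active; run 'stopsrc -s iptrace' first" >&2
        return 1
    fi
    # LOGFILE should be an absolute path: the daemon is started by SRC.
    startsrc -s iptrace -a "$(iptrace_args "$iface" "$host" "$log")" || return 1
    lp -d "$queue" "$file"
    sleep "$wait"   # assumed long enough for the job to leave the spooler
    stopsrc -s iptrace
    # Text report; the binary LOGFILE is what gets opened in Wireshark.
    ipreport -rns "$log" > "$log.txt"
}

if [ "$#" -ge 5 ]; then
    capture_print_job "$@"
fi
```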


  • 8.  Re: Capture Network Packets from AIX

    Posted Wed January 21, 2009 01:22 AM

    Originally posted by: SystemAdmin


    Hi,

    When I try to change the Ethernet adapter setting in AIX, I am getting an error message.

    Command:
    chdev -l 'ent0' -a media_speed='10_Full_Duplex'

    Error:
    Method error (/usr/lib/methods/chgent):
    0514-062 Cannot perform the requested function because the specified device is busy.

    How do I stop the process so that I can change the speed?
    #AIX-Forum


  • 9.  Re: Capture Network Packets from AIX

    Posted Wed January 21, 2009 05:20 AM

    Originally posted by: hdkutz


    Hello,
    You tried to change the interface settings while the interface is in use!
    Simply do
    chdev -l <INTERFACE> -a state=down
    chdev -l <INTERFACE> -a state=detach

    Then do your chdev changing your network speed.
    After that
    chdev -l <INTERFACE> -a state=up

    If your default route is bound to this interface, reactivate the default route with
    mkdev -l inet0

    HTH,
    ku
    #AIX-Forum


  • 10.  Re: Capture Network Packets from AIX

    Posted Thu January 22, 2009 03:18 AM

    Originally posted by: SystemAdmin


    Hi,

    Thanks for the solution.
    #AIX-Forum