You are here: Home > CLI Commands > Just_CLI_Topics > packet-capture-defaults

packet-capture-defaults

packet‑capture

controlpath [interprocess {all |  <ports>}] [other] [sysmsg {all | <opcodes>] [tcp {all | <ports>}] [udp {all | <ports>}]

datapath {ipsec <peer-ip>} [wifi-client <mac-address> {decrypted | encrypted | all}]

destination [interface <slot/module/port>] [ip-address <ip-address>] [local-filesystem]

no

Description

Use this command to enable or disable packet capturing and define a set of default packet capturing options on the control path for debugging purposes.

Syntax

Parameter

Description

Default

controlpath

Enables controlpath packet capture. Captured packets are stored in /var/log/oslog/filter.pcap.

Only capture to local-filesystem is supported for controlpath capture.

Disabled

interprocess

Enables or disables interprocess packet capturing. . Specify up to ten comma-separated ports to capture; use all to sniff all ports. All CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. ports, which are TCPTransmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. , are always skipped.

Disabled

other

Enable or disable all other types of packets.

Disabled

sysmsg

Enable or disable internal messaging packets. Specify up to ten comma-separated opcodes to capture; use all to sniff all opcodes. All CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. ports, which are TCPTransmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. , are always skipped.

Disabled

tcp

Enable or disable TCPTransmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. packet capturing. Specify up to ten comma-separated ports to capture; use all to sniff all TCPTransmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. ports. All CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. ports, which are TCPTransmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. , are always skipped.

Disabled

udp

Enable or disable UDPUser Datagram Protocol. UDP is a part of the TCP/IP family of protocols used for data transfer. UDP is typically used for streaming media. UDP is a stateless protocol, which means it does not acknowledge that the packets being sent have been received. packet capturing. Specify up to ten comma-separated ports to capture; use all to sniff all UDPUser Datagram Protocol. UDP is a part of the TCP/IP family of protocols used for data transfer. UDP is typically used for streaming media. UDP is a stateless protocol, which means it does not acknowledge that the packets being sent have been received. ports. All CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. ports, which are TCPTransmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. , are always skipped.

Disabled

datapath

Enables datapath packet capture. Captured packets are stored in /var/log/oslog/datapath.pcap or mirrored out of the controller.

Disabled

ipsec <peer-ip>

Enable or disable IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. packet capturing. Enter the IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. peer IP address to specify a given peer.

NOTE: Capture to local-filesystem is not supported with this option.

Disabled

wifi-client <mac-address>

{decrypted | encrypted | all}

Enable or disable packet capturing from a wifi client. Specify the client device by entering the device's MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address.

Additionally, you can specify what type of traffic captured: decrypted, encrypted, or all.

Disabled

destination

Configures the capture destination.

interface

<slot/module/port>

Interface in <slot>/<module>/<port> format.

ip-address <ip-address>

Sends packet captures to a specific IP address.

local-filesystem

Stores captured packets on the controller in pcap files.

no

Negates any configured parameter.

 

Usage Guidelines

This command applies to control path packets; not datapath packets. Packets can be retrieved through the tar log command; look for the filter.pcap file. This command activates packet capture options on the current switch. They are not saved and applied across switches.

Example

The following command sets the default packet capture values to debug a wireless WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. station doing VPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.. Once these default settings are defined, you can use the packet-capture command to enable packet capturing with these values. This example uses the following parameters and values:

Station up/down: sysmsg opcode 30

WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. key plumbing: sysmsg opcode 29

DHCPDynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network. : sysmsg opcode 90

IKEInternet Key Exchange. IKE is a key management protocol used with IPsec protocol to establish a secure communication channel. IKE provides additional feature, flexibility, and ease of configuration for IPsec standard.: UDPUser Datagram Protocol. UDP is a part of the TCP/IP family of protocols used for data transfer. UDP is typically used for streaming media. UDP is a stateless protocol, which means it does not acknowledge that the packets being sent have been received. port 500 and 4500

Layer 2 Tunneling Protocol (L2TPLayer-2 Tunneling Protocol. L2TP is a networking protocol used by the ISPs to enable VPN operations. ): UDPUser Datagram Protocol. UDP is a part of the TCP/IP family of protocols used for data transfer. UDP is typically used for streaming media. UDP is a stateless protocol, which means it does not acknowledge that the packets being sent have been received. port 1701

(host) [mynode] (config)#packet‑capture-defaults sysmsg 30,29,90 udp 500,4500,1701,1812,1645

Use the show packet‑capture command to show the current action and the default values.

(host) [mynode] (config)#show packet-capture

 

Current Active Packet Capture Actions(current switch)

=====================================================

Packet filtering TCP with 2 port(s) enabled:

2

1

Packet filtering UDP with 1 port(s) enabled:

1

Packet filtering for internal messaging opcodes disabled.

Packet filtering for all other packets disabled.

 

 

Packet Capture Defaults(across switches and reboots if saved)

============================================================

Packet filtering TCP with 2 port(s) enabled:

2

1

Packet filtering UDP with 1 port(s) enabled:

1

Command History

Release

Modification

ArubaOS 8.0.0.0

Command Introduced.

Command Information

Platforms

License

Command Mode

All platforms

Base operating system.

Config mode on Mobility Master.

/*]]>*/