Capturing the packets on a given interface is vital for troubleshooting problems caused by the application or even network. The commercial servers have multiple Ethernet cards some of which are active and others in a standby mode. In this situation, we must for know which interface card is active and then make the trace on that interface. The following command will reveal the active interfaces.

SUNOS # pnmstat –l

group   adapters        status  fo_time          act_adp
nafo0   ce1:ce3           OK         49747670        ce2

As we can see under the column name act_adp, the current active adapter is ce2. After knowing the active interface, we run the following command:

SYNTAX:

snoop -d <device/NIC> -t <Relative(r),Absolute(a) or Delta(d)> -x <Hex dump from offset for length> -o <File Name> port <Port Number>

EXAMPLE:

SUNOS # snoop -d ce2 -t a -x 42 -o Capture.snoop port 1800

The above command will capture the packets on ce2 network interface card and port 1800, it will store the output in the file Capture.snoop which can later be read with Wire Shark software.

There are several options that can be used with the snoop command, they are given below:

        [ -a ]                        # Listen to packets on audio
        [ -d device ]           # Network interface to snoop (le?, ie?, bf?, tr?)
        [ -s snaplen ]         # Truncate packets
        [ -c count ]            # Quit after count packets
        [ -P ]                     # Turn OFF promiscuous mode
        [ -D ]                    # Report dropped packets
        [ -S ]                    # Report packet size
        [ -i file ]              # Read previously captured packets
        [ -o file ]             # Capture packets in file
        [ -n file ]             # Load addr-to-name table from file
        [ -N ]                  # Create addr-to-name table
        [ -t  r|a|d ]         # Time: Relative, Absolute or Delta
        [ -v ]                   # Verbose packet display
        [ -V ]                   # Show all summary lines
        [ -p first[,last] ]          # Select packet(s) to display
        [ -x offset[,length] ]  # Hex dump from offset for length
        [ -C ]                  # Print packet filter code
        [ -q ]                  # Suppress printing packet count
        [ -r ]                  # Do not resolve address to name

Adnan Khurshid

Adnan Khurshid, the author of this article, has been working in a telecommunication sector since 2007. He has worked there as a VAS (Value Added Services) engineer and has excelled remarkably in the field. Working in this field has been his passion and he has always made efforts to keep himself up to date. Find more about him on LinkedIn

More Posts

Tags: , ,

1 Comment on How to capture packets on Ethernet interface in SUN Solaris

  1. math games says:

    thanks

Leave a Reply