sniffer-packet
Capture network packets.
Usage
execute sniffer-packet <port> <filter> <count> <timestamp_format> <verbose>
Arguments
Argument |
Description |
---|---|
port |
Enter the name of the network interface on which to capture packets. The following values are accepted:
Enter any to capture packets on all interfaces. |
filter |
Enter none to capture all packets, or enter a filter that specifies which protocols and port numbers to capture, such as The filter uses the following syntax: '[[src|dst] host {<host1_fqdn> | <host1_ipv4>}] [and|or] [[src|dst] host {<host2_fqdn> | <host2_ipv4>}] [and|or] [[arp|ip|gre|esp|udp|tcp] port <port1_int>] [and|or] [[arp|ip|gre|esp|udp|tcp] port <port2_int>]' To display only the traffic between two hosts, specify the IP addresses of both hosts. To display only forward or only reply packets, indicate which host is the source and which is the destination. For example, to display UDP port 1812 traffic between 'udp and port 1812 and src host 1.example.com and dst ( 2.example.com or 2.example.com )' |
count |
Enter the number of packets to capture. |
timestamp_format |
Enter the timestamp format to use in the output. Enter one of the following:
|
verbose |
Enter the verbosity level of the output. The following numeric values are accepted:
For troubleshooting purposes, Fortinet Technical Support may request the most verbose level (3). |