Sophos XG Firewall Packet Capture , TCP Dump

Merhabalar,

Sophos XG Firewall üzerinde TCP dump yapabilmek için aşağıdaki komutları kullanabilirsiniz.

CLI\5. Device Management\3. Advanced Shell

How to view traffic of a…tcpdump commandExample
specific hosttcpdump ‘host <ipaddress>‘tcpdump ‘host 10.10.10.1’
specific source hosttcpdump ‘src host <ipaddress>‘tcpdump ‘src host 10.10.10.1’
specific destination hosttcpdump ‘dst host <ipaddress>‘tcpdump ‘dst host 10.10.10.1’
specific networktcpdump ‘net <network address>‘tcpdump ‘net 10.10.10’
specific source networktcpdump ‘src net <network address>‘tcpdump ‘src net 10.10.10’
specific destination networktcpdump ‘dst net <network address>‘tcpdump ‘dst net 10.10.10’
specific porttcpdump ‘port <port-number>‘tcpdump ‘port 21’
specific source porttcpdump ‘src port <port-number>‘tcpdump ‘src port 21’
specific destination porttcpdump ‘dst port <port-number>‘tcpdump ‘dst port 21’
specific host for the particular porttcpdump ‘host <ipaddress> and port <port-number>‘tcpdump ‘host 10.10.10.1 and port 21’
the specific host for all the ports except SSHtcpdump ‘host <ipaddress> and port not <port-number>‘tcpdump ‘host 10.10.10.1 and port not 22’
specific protocoltcpdump ‘proto ICMP’ tcpdump ‘proto UDP’ tcpdump ‘proto TCP’ tcpdump ‘arp’
particular interfacetcpdump interface <interface>tcpdump interface PortB
specific port of a particular interfacetcpdump interface <interface> ‘port <port-number>‘tcpdump interface PortB ‘port 21’

Umarım sizler için faydalı bir paylaşım olmuştur.
Fırat Meray | Network and Information Security Specialist