Mailing List Archive: dm raw command output

dm raw command output

Jan 19, 2006, 1:08 PM

Post #1 of 5 (1789 views)

Hello,

what is the full command sequence for dm raw subcommands?
I wanna look at the traffic as it flows through my router. I was told
that is done with "dm raw mode brief" command, but I cannot get an output.
Should I look at the console, or there is an option redirecting output
to where I want?

Thank you.

--
With best regards,
GRED-RIPE

dm raw command output [ In reply to ]

vandusb at attens

Jan 19, 2006, 1:22 PM

Post #2 of 5 (1780 views)

Permalink

You will also probably want to set a maximum with dm raw max <# of packets>
typically a 100 or so at a time is nice on everything.

Then just type dm raw all by itself to start dumping packets to your
terminal. type dm raw again to turn it off if you don't have a maximum set
or you want to break out of it sooner.

This is only for packets going to the CPU, you won't see any packets that
are being switched by the hardware.

-Brent

At 10:08 AM 1/19/2006, Gregory Edigarov wrote:
>Hello,
>
>what is the full command sequence for dm raw subcommands?
>I wanna look at the traffic as it flows through my router. I was told
>that is done with "dm raw mode brief" command, but I cannot get an output.
>Should I look at the console, or there is an option redirecting output
>to where I want?
>
>Thank you.
>
>
>--
>With best regards,
> GRED-RIPE
>
>_______________________________________________
>foundry-nsp mailing list
>foundry-nsp at puck.nether.net
>http://puck.nether.net/mailman/listinfo/foundry-nsp

dm raw command output [ In reply to ]

steve at telecomplete

Jan 19, 2006, 1:35 PM

Post #3 of 5 (1804 views)

Permalink

without looking, this should work for you:

dm raw filter 0 in-port xx [whatever port you want to view]
dm raw max 50 [limit to 50 packets]
dm raw mode brief [one packet per line, brief]
dm raw [.go! type again to stop before you hit the max limit if you want]

you need to delete the filter if you want to change the criteria, something like
'dm raw filter all none' .. you should be able to work it out from the cli help

Steve

On Thu, 19 Jan 2006, Gregory Edigarov wrote:

> Hello,
>
> what is the full command sequence for dm raw subcommands?
> I wanna look at the traffic as it flows through my router. I was told
> that is done with "dm raw mode brief" command, but I cannot get an output.
> Should I look at the console, or there is an option redirecting output
> to where I want?
>
> Thank you.
>
>
>

dm raw command output [ In reply to ]

Cliff at kodakgallery

Jan 19, 2006, 3:41 PM

Post #4 of 5 (1814 views)

Permalink

Also keep in mind that dm raw only shows packets that hit the CPU.
Mostly broadcast, multicast and packets with a destination of the switch
itself.

I've mostly found it useful for tracking down rogue network equipment
running spanning-tree and detecting a host sending out flow control
PAUSE frames.

-----Original Message-----
From: foundry-nsp-bounces@puck.nether.net
[mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Stephen J.
Wilcox
Sent: Thursday, January 19, 2006 10:35 AM
To: Gregory Edigarov
Cc: foundry-nsp at puck.nether.net
Subject: Re: [f-nsp] dm raw command output

without looking, this should work for you:

dm raw filter 0 in-port xx [whatever port you want to view]
dm raw max 50 [limit to 50 packets]
dm raw mode brief [one packet per line, brief]
dm raw [.go! type again to stop before you hit the max limit if you want]

you need to delete the filter if you want to change the criteria,
something like
'dm raw filter all none' .. you should be able to work it out from the
cli help

Steve

On Thu, 19 Jan 2006, Gregory Edigarov wrote:

> Hello,
>
> what is the full command sequence for dm raw subcommands?
> I wanna look at the traffic as it flows through my router. I was
told
> that is done with "dm raw mode brief" command, but I cannot get an
output.
> Should I look at the console, or there is an option redirecting output

> to where I want?
>
> Thank you.
>
>
>

_______________________________________________
foundry-nsp mailing list
foundry-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

dm raw command output [ In reply to ]

greg at velcom

Jan 19, 2006, 3:56 PM

Post #5 of 5 (1800 views)

Permalink

Everybody,

Thanks for all your replys.

Cliff Fogle wrote:

>Also keep in mind that dm raw only shows packets that hit the CPU.
>Mostly broadcast, multicast and packets with a destination of the switch
>itself.
>
>I've mostly found it useful for tracking down rogue network equipment
>running spanning-tree and detecting a host sending out flow control
>PAUSE frames.
>
>-----Original Message-----
>From: foundry-nsp-bounces at puck.nether.net
>[mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Stephen J.
>Wilcox
>Sent: Thursday, January 19, 2006 10:35 AM
>To: Gregory Edigarov
>Cc: foundry-nsp at puck.nether.net
>Subject: Re: [f-nsp] dm raw command output
>
>without looking, this should work for you:
>
>dm raw filter 0 in-port xx [whatever port you want to view]
>dm raw max 50 [limit to 50 packets]
>dm raw mode brief [one packet per line, brief]
>dm raw [.go! type again to stop before you hit the max limit if you want]
>
>you need to delete the filter if you want to change the criteria,
>something like
>'dm raw filter all none' .. you should be able to work it out from the
>cli help
>
>Steve
>
>On Thu, 19 Jan 2006, Gregory Edigarov wrote:
>
>
>
>>Hello,
>>
>>what is the full command sequence for dm raw subcommands?
>>I wanna look at the traffic as it flows through my router. I was
>>
>>
>told
>
>
>>that is done with "dm raw mode brief" command, but I cannot get an
>>
>>
>output.
>
>
>>Should I look at the console, or there is an option redirecting output
>>
>>
>
>
>
>>to where I want?
>>
>>Thank you.
>>
>>
>>
>>
>>
>
>_______________________________________________
>foundry-nsp mailing list
>foundry-nsp at puck.nether.net
>http://puck.nether.net/mailman/listinfo/foundry-nsp
>
>
>
>
>