How to Sniff Network Packets on HP-UX Filtered by a Specific IP

On most Linux distros it’s very easy to sniff network packets using tcpdump, but in this case I need to sniff packets on HP-UX, which doesn’t have tcpdump installed.

So basically I have two options: install tcpdump on my HP-UX box (which is very tricky because of the limitations the sysadmin gave me), or simply use HP-UX’s built-in function for network sniffing, which is “nettl”.

In this example, I’m trying to sniff packets to and from a specific IP. The first step is creating a file which contains the target IP:

filter ip_saddr 192.168.0.11
filter ip_daddr 192.168.0.11

and I save it as /tmp/myfilter.

The next step is running nettl:

# Start nettl tracing; the raw trace is written to /tmp/raw.tr.TRC000
nettl -tn 0x30800000 -e ns_ls_ip -size 1024 -tracemax 99999 -f /tmp/raw.tr

# Check the nettl trace status
nettl -status TRACE

# Format the sniffed packets through the filter file
netfmt -N -n -l -c /tmp/myfilter -f /tmp/raw.tr.TRC000 > /tmp/trace.output

# Stop nettl tracing
nettl -tf -e all
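
The steps above as one script, added here as an example and not taken from the original post: it validates the address before writing the netfmt filter and keeps the filter, raw trace and formatted output in a private directory instead of fixed names under /tmp. The function names, the /var/tmp/nettl.$$ directory and the 60-second default are assumptions, and stopping the trace before formatting is a choice made here.

```shell
# Added example, not from the original post. Source it, then (as root):
#   trace_ip 192.168.0.11 30
# Function names, the work directory and the 60 s default are assumptions.

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() (
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    IFS=.            # subshell body, so the caller's IFS is untouched
    set -- $1
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
)

# Write the two-line netfmt filter from the post: match $1 as source or destination.
write_filter() {
    valid_ipv4 "$1" || { echo "bad IPv4 address: $1" >&2; return 1; }
    printf 'filter ip_saddr %s\nfilter ip_daddr %s\n' "$1" "$1" > "$2"
}

# Trace for $2 seconds (default 60), then format only packets to/from $1.
# Prints the path of the formatted output.
trace_ip() (
    ip=$1
    secs=${2:-60}
    umask 077                        # trace files contain packet payloads
    work=/var/tmp/nettl.$$           # assumed location
    mkdir "$work" || return 1        # refuses a path that already exists
    write_filter "$ip" "$work/filter" || return 1
    nettl -tn 0x30800000 -e ns_ls_ip -size 1024 -tracemax 99999 \
        -f "$work/raw.tr" || return 1
    sleep "$secs"
    nettl -tf -e all                 # stop tracing before formatting
    netfmt -N -n -l -c "$work/filter" -f "$work/raw.tr.TRC000" \
        > "$work/trace.output"
    echo "$work/trace.output"
)
```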

1 Comment

Bhanu

about 9 months ago

Many thanks for sharing Sir...
