Well on most of Linux distros, it’s very easy sniffing network packages using tcpdump, but on this case i need to sniff packages on HPUX, which doesnt have tcpdump installed.
So basically i have 2 options, install tcpdump on my hpux (which is very tricky because of limitation the sysadmin gave me), or simply by using HPUX’s build function for network sniffing, which is “nettl”.
On this example, im trying to sniff packages to and from a specific ip, first is creating a file which contain the target ip.
filter ip_saddr 192.168.0.11 filter ip_daddr 192.168.0.11
and i save it as /tmp/myfilter.
Next step is running nettl,
#this command is to start nettl nettl -tn 0x30800000 -e ns_ls_ip -size 1024 -tracemax 99999 -f /tmp/raw.tr #this command is to check nettl status nettl -status TRACE #this command is to filter sniffed network packages using filter netfmt -N -n -l -c /tmp/myfilter -f /tmp/raw.tr.TRC000 > /tmp/trace.output #this command is to stop nettl nettl -tf -e all
Many thanks for sharing Sir…