Subject: Rare project developers
List archive
- From: Everson Borges <>
- To:
- Subject: Re: [rare-dev] Is it possible connecting wireshark by ssh on freerouter?
- Date: Sat, 11 Dec 2021 16:15:34 -0300
cs, thanks for answer,
I'll try to configure and if I have doubts, I'll send a message again...heheh
Att.
Everson
Em sáb., 11 de dez. de 2021 às 04:05, mc36 <> escreveu:
hi,
i have bad and good news, both.... :)
bad news is that it won't go through ssh.... the rationale behind this is that packets over tcp is a bad idea in general....
good news is that you can do remote packet monitoring...
step1 would be to configure a tunnel of your preference to the capturing machine running wireshark...
you can pick up erspan, which is a cisco defined tunnel also available in freerouter and read fine with wireshark...
the other option would be packet over udp tunnel... the advantage of this is that it's udp and not a raw ip protocol...
this one also read by wireshark but you have to select the mirroring stream and right-click decode-as ethernet....
step2 is to initiate the mirroring itself... you have several options doing so...
for quick one-off sessions use the cli command "packet monitor ethernet1 tunnel666"
for persistent monitoring, you can configure it under the interface with monitor-? commands...
the one-off equvivalent version would be "inter eth1" "monitor-session tunnel666"
but please explore the options you have under monitor-?...
also please note that these commands will mirror the packets processed in software...
if you're using an external dataplane like p4emu or p4dpdk or so, those beasts have
some limitations like they cannot expose packets directly to a tunnel but to a hairpin
or an sdnX interface... refer the test cases of them to have some ideas....
regards,
cs
On 12/10/21 17:11, Everson Borges wrote:
> Hi all,
>
> Is it possible capturing packets on freerouter remotely with wireshark by ssh?
> I'm trying to capture packets on freerouter in real time by ssh.
>
> I'm wanting to do this setup because freerouter is installed on a desktop on my home network.
>
> My server ssh on freerouter is setup like that.
>
> !
> server telnet ssh
> security protocol ssh
> security authentication usr
> security rsakey rsa
> security dsakey dsa
> security ecdsakey ecdsa
> port 222
> exec colorized
> no exec authorization
> no login authentication
> vrf v1
> exit
> !
>
> --
> Att.
> Everson Scherrer Borges
Att.
Everson Scherrer Borges- [rare-dev] Is it possible connecting wireshark by ssh on freerouter?, Everson Borges, 12/10/2021
- Re: [rare-dev] Is it possible connecting wireshark by ssh on freerouter?, mc36, 12/11/2021
- Re: [rare-dev] Is it possible connecting wireshark by ssh on freerouter?, Everson Borges, 12/11/2021
- Re: [rare-dev] Is it possible connecting wireshark by ssh on freerouter?, mc36, 12/11/2021
Archive powered by MHonArc 2.6.19.