capture command vs. debug packet command

Oct 6th, 2005

Hi everyone,


Is there a way you can filter the src and dst IP address on the capture command? I find it very hard to troubleshoot the firewall using the capture command because it captures all the packets, unlike the old debug packet command, which is very specific.


It has been very helpful to be able to filter the packet based on src, dst, protocol, port, etc. and it will only appear on the screen when there is a match.


Is there a way that Cisco could return the old debug packet command in their next maintenance update for v7.0(2)?


Cheers,


Benj

Patrick Iseli Thu, 10/06/2005 - 17:13

You just have to create an access-list with the source and destination IP and the protocol that you want to troubleshoot, as is the case for TCPDUMP or Ethereal.


See examples in Command Reference Guide:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a008045277a.html#wp1825593



This example shows that the traffic is captured from an outside host at 171.71.69.234 to an inside HTTP server:


hostname(config)# access-list http permit tcp host 10.120.56.15 eq http host 171.71.69.234


hostname(config)# access-list http permit tcp host 171.71.69.234 host 10.120.56.15 eq http


hostname(config)# capture http access-list http packet-length 74 interface inside


Sincerely,

Patrick
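
The same ACL-filtered capture applied to a different flow and carried through viewing and cleanup, as an added example that is not part of the reply above or of Cisco's documentation. The name cap_dns and both addresses (client 10.1.1.20, DNS server 192.0.2.10) are constructed for illustration.

```cisco
! Added example; cap_dns and both IP addresses are constructed placeholders.
! The ACL must use the addresses as they appear on the capture interface
! (here "inside", so the client's real, untranslated address).

! Forward direction: client to DNS server, destination port 53
hostname(config)# access-list cap_dns permit udp host 10.1.1.20 host 192.0.2.10 eq domain
! Return direction: the server's source port is 53, so "eq domain" follows the source host
hostname(config)# access-list cap_dns permit udp host 192.0.2.10 eq domain host 10.1.1.20

! Start the capture; only packets matching the ACL are stored in the buffer
hostname(config)# capture cap_dns access-list cap_dns interface inside

! Reproduce the problem, then view the matched packets
hostname(config)# show capture cap_dns

! Stop the capture, free its buffer, and remove the temporary ACL entries
hostname(config)# no capture cap_dns
hostname(config)# no access-list cap_dns permit udp host 10.1.1.20 host 192.0.2.10 eq domain
hostname(config)# no access-list cap_dns permit udp host 192.0.2.10 eq domain host 10.1.1.20
```

Without the second ACL entry the buffer holds only the queries, which makes a dropped reply indistinguishable from a reply that was never sent.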

