capture command vs. debug packet command

Unanswered Question
Oct 6th, 2005
User Badges:

hi everyone,

Is there a way you can filter the src and dst Ip address on capture command? I find it very hard to troubleshoot the firewall using the capture command because it capture all the packets unlike the old debug packet command which is very specific.

It has been very helpful to be able to filter the packet based on src,dst,protocol,port,etc. and it will only appear on the screen when there is a match.

is there a way that cisco return the old debug packet command on their next maintenance update for v7.0(2).



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Patrick Iseli Thu, 10/06/2005 - 17:13
User Badges:
  • Gold, 750 points or more

You just have to create an access-list with the source and destination IP and the protocol that you want to troubleshoot. As it is the case for TCPDUMP or Ethereal.

See examples in Command Reference Guide:

This example shows that the traffic is captured from an outside host at to an inside HTTP server:

hostname(config)# access-list http permit tcp host eq http host

hostname(config)# access-list http permit tcp host host eq http

hostname(config)# capture http access-list http packet-length 74 interface inside




This Discussion