Žilinská univerzita > Fakulta riadenia a informatiky > Katedra informačných sietí


Parsing OSPF packets using tcpdump

Sometimes we need to capture and parse OSPF packets for next analysis and we have a comand line only, in my case on linux server with dynamips. We should use tcpdump tool for this purpose, of course, several ways are available.

Capturing OSPF packets on the fly

tcpdump -i eth0 ip[9] == 89

where OSPF ip protocol number is 89, and the protocol field is the 9th octet on the ip header.

Another way is:

tcpdump -i eth0 proto ospf

Writing captured packets to a file

Syndicate content