I am trying to determine the root of an issue I am having. How can I watch traffic destined to a specific port on my CentOS 5.1 box to see if its even hitting it? It would be udp traffic. Thanks! jlc -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20080520/d5066957/attachment-0005.html>
Joseph L. Casale wrote:> > I am trying to determine the root of an issue I am having. > How can I watch traffic destined to a specific port on my CentOS 5.1 > > box to see if its even hitting it? It would be udp traffic. > > > > Thanks! > jlc > > ------------------------------------------------------------------------ > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >If you're using IPTABLES on your CentOS box, then you can "watch" the traffic hit your rules using "watch -d iptables -nvL". The -d will highlight changes (so you can spot them) and you should see the number of packets change as each packet is processed by your rules. If you have a specific chain name that deals with your port, then add that after the -nvL in the command - e.g. "watch -d iptables -nvL myChain" Ian -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3617 bytes Desc: S/MIME Cryptographic Signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080521/018c85cc/attachment-0005.bin>
Joseph L. Casale wrote:> I am trying to determine the root of an issue I am having. > How can I watch traffic destined to a specific port on my CentOS 5.1 > > box to see if its even hitting it? It would be udp traffic.# yum install wireshark # tshark udp port 1234
On Tuesday 20 May 2008 8:57:08 Joseph L. Casale wrote:> I am trying to determine the root of an issue I am having. > How can I watch traffic destined to a specific port on my CentOS 5.1 > box to see if its even hitting it? It would be udp traffic. > > Thanks! > jlcTry tcpdump -i <interface> udp port <port>. -Chris
Joseph L. Casale wrote:> I am trying to determine the root of an issue I am having. > How can I watch traffic destined to a specific port on my CentOS 5.1 > box to see if its even hitting it? It would be udp traffic.Use wireshark if you are logged in with a gui. In text mode use tcpdump. In either you can specify a filter with protocol, source and/or destination addresses and port number. Something like tcpdump -i eth0 udp might be enough if you don't have a lot of traffic or tcpdump -i eth0 udp and port portnumber to narrow it down more. -- Les Mikesell lesmikesell at gmail.com