Created
August 7, 2019 10:24
-
-
Save idosch/166b64384577174230fd2523866f6b1c to your computer and use it in GitHub Desktop.
dropwatch and tshark example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| dropwatch> set alertmode packet | |
| Setting alert mode | |
| Alert mode successfully set | |
| dropwatch> | |
| dropwatch> set trunc 64 | |
| Setting truncation length to 64 | |
| Truncation length successfully set | |
| dropwatch> | |
| dropwatch> show | |
| Getting existing configuration | |
| Alert mode: Packet | |
| Truncation length: 64 | |
| Queue length: 1000 | |
| dropwatch> | |
| dropwatch> start | |
| Enabling monitoring... | |
| Kernel monitoring activated. | |
| Issue Ctrl-C to stop monitoring | |
| drop at: br_stp_rcv+0x1ac/0x1190 [bridge] (0xffffffffc03bcf9c) | |
| input port ifindex: 3 | |
| timestamp: Wed Aug 7 13:17:56 2019 855655661 nsec | |
| length: 64 | |
| original length: 119 | |
| drop at: ip6_mc_input+0x8b8/0xf00 [ipv6] (0xffffffffc01fa258) | |
| input port ifindex: 3 | |
| timestamp: Wed Aug 7 13:17:58 2019 431543901 nsec | |
| length: 64 | |
| original length: 114 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Linux netlink (cooked header) | |
| Link-layer address type: Netlink (824) | |
| Family: Generic (0x0010) | |
| Linux Generic Netlink protocol | |
| Netlink message header (type: 0x0018) | |
| Length: 324 | |
| Family ID: 0x18 (NET_DM) | |
| Flags: 0x0000 | |
| .... .... .... ...0 = Request: 0 | |
| .... .... .... ..0. = Multipart message: 0 | |
| .... .... .... .0.. = Ack: 0 | |
| .... .... .... 0... = Echo: 0 | |
| .... .... ...0 .... = Dump inconsistent: 0 | |
| .... .... ..0. .... = Dump filtered: 0 | |
| Sequence: 0 | |
| Port ID: 0 | |
| Command: Drop alert (packet) (5) | |
| Family Version: 2 | |
| Reserved | |
| Linux net_dm (network drop monitor) protocol | |
| Attribute: Packet origin | |
| Len: 6 | |
| Type: 0x000d, Packet origin (13) | |
| 0... .... .... .... = Nested: 0 | |
| .0.. .... .... .... = Network byte order: 0 | |
| Attribute type: Packet origin (13) | |
| Packet origin: Software (0) | |
| Attribute: Drop location (PC): 0xffffffff8e86b345 | |
| Len: 12 | |
| Type: 0x0002, Drop location (PC) (2) | |
| 0... .... .... .... = Nested: 0 | |
| .0.. .... .... .... = Network byte order: 0 | |
| Attribute type: Drop location (PC) (2) | |
| Program counter: 0xffffffff8e86b345 | |
| Attribute: Drop location (symbol): ip6_mc_input+0x235/0x2a0 | |
| Len: 29 | |
| Type: 0x0003, Drop location (symbol) (3) | |
| 0... .... .... .... = Nested: 0 | |
| .0.. .... .... .... = Network byte order: 0 | |
| Attribute type: Drop location (symbol) (3) | |
| Symbol: ip6_mc_input+0x235/0x2a0 | |
| Attribute: Input port | |
| Len: 12 | |
| Type: 0x8004, Nested, Input port (4) | |
| 1... .... .... .... = Nested: 1 | |
| .0.. .... .... .... = Network byte order: 0 | |
| Attribute type: Unknown (32772) | |
| Attribute: Net device index: 4 | |
| Len: 8 | |
| Type: 0x0000, Net device index (0) | |
| 0... .... .... .... = Nested: 0 | |
| .0.. .... .... .... = Network byte order: 0 | |
| Attribute type: Net device index (0) | |
| Port net device index: 4 | |
| Attribute: Timestamp | |
| Len: 20 | |
| Type: 0x0005, Timestamp (5) | |
| 0... .... .... .... = Nested: 0 | |
| .0.. .... .... .... = Network byte order: 0 | |
| Attribute type: Timestamp (5) | |
| Timestamp: Aug 4, 2019 20:22:25.198937052 IDT | |
| Attribute: Original length: 206 | |
| Len: 8 | |
| Type: 0x0009, Original length (9) | |
| 0... .... .... .... = Nested: 0 | |
| .0.. .... .... .... = Network byte order: 0 | |
| Attribute type: Original length (9) | |
| Original length: 206 | |
| Attribute: Payload | |
| Len: 210 | |
| Type: 0x0006, Payload (6) | |
| 0... .... .... .... = Nested: 0 | |
| .0.. .... .... .... = Network byte order: 0 | |
| Attribute type: Payload (6) | |
| Ethernet II, Src: 24:8a:07:3f:8c:6e (24:8a:07:3f:8c:6e), Dst: 33:33:00:01:00:02 (33:33:00:01:00:02) | |
| Destination: 33:33:00:01:00:02 (33:33:00:01:00:02) | |
| Address: 33:33:00:01:00:02 (33:33:00:01:00:02) | |
| .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default) | |
| .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast) | |
| Source: 24:8a:07:3f:8c:6e (24:8a:07:3f:8c:6e) | |
| Address: 24:8a:07:3f:8c:6e (24:8a:07:3f:8c:6e) | |
| .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) | |
| .... ...0 .... .... .... .... = IG bit: Individual address (unicast) | |
| Type: IPv6 (0x86dd) | |
| Internet Protocol Version 6, Src: fe80::268a:7ff:fe3f:8c6e, Dst: ff02::1:2 | |
| 0110 .... = Version: 6 | |
| .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT) | |
| .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0) | |
| .... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0) | |
| .... .... .... 0011 1010 0111 1000 1010 = Flow Label: 0x3a78a | |
| Payload Length: 152 | |
| Next Header: UDP (17) | |
| Hop Limit: 1 | |
| Source: fe80::268a:7ff:fe3f:8c6e | |
| Destination: ff02::1:2 | |
| [Source SA MAC: 24:8a:07:3f:8c:6e (24:8a:07:3f:8c:6e)] | |
| User Datagram Protocol, Src Port: 546, Dst Port: 547 | |
| Source Port: 546 | |
| Destination Port: 547 | |
| Length: 152 | |
| Checksum: 0x6b43 [unverified] | |
| [Checksum Status: Unverified] | |
| [Stream index: 6] | |
| [Timestamps] | |
| [Time since first frame: 0.000000000 seconds] | |
| [Time since previous frame: 0.000000000 seconds] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment