User manual
Chapter 4 - Layer 3 Command Set - IP Networking Bpf Command (Berkeley Packet Filter)
Alvarion BreezeNET B130/B300 GigE 190 Operational User Manual
4.11 Bpf Command (Berkeley Packet Filter)
The command enables packet capturing mode (Berkeley Packet Filter)
Syntax:
bpf interface PARAMS
PARAMS are: ADDR PORT [LEN] [-promisc] | - | stop
-f "pcap filter expression"
Description:
The packet capturing mode, which is enabled by "bpf interface ADDR PORT"
command and disabled by "bpf interface -" command, allows replicating entire
information flow through any of the system interface and forwarding the replica to
a remote workstation for subsequent analysis and check. The filter does not
interfere with normal operation of the router.
Because of limited memory capacity and CPU speed, the device software is not
capable itself of sorting and analyzing data flows. The bpf command helps to
perform thorough analysis on any network workstation, even in real time.
Each packet of the data flow through the specified interface (together with its MAC
header) is sent using the UDP protocol to a remote workstation at the specified
address and port.
Parameters are as follows:
ADDR: the IP address of the destination of the replicated data stream.
PORT: the number of the port to which the replicated data stream should be
sent.
[LEN]: specifies a number of bytes from the beginning of the packet that will be
send for analysis.
[-promisc]: when enabled captures only those packets that are appointed to
the given device. When disabled captures all the packets.
- | stop: disables "bpf" command.
bpf -f - allows to set pcap filter.
Example: