Ptrace
This command lets you monitor network traffic at the packet level. Use the following command:
ptrace <filter name>
Note that if you type the command without specifying a packet filter, ptrace is disabled.
Keep in mind that this packet filter does not function like an output or input packet filter. It does not discard packets that do not meet its rules, it simply reports on those packets which do meet its criteria.
When the command is issued, all packets received by the NETServer are evaluated against the packet filter specified in the command. If a packet meets the filter’s criteria, a message is displayed on the command line. The message includes informa- tion on the source and destination of the packet, the protocol used, and information specific to that protocol.
When accessing the NETServer via a Telnet session, make sure you filter out the administrative Telnet packets. Otherwise, ptrace will report packets from the administrator’s own ptrace output, causing a large amount of unusable packet tracing information.
The following is an example filter for PTRACE:
1 deny 0.0.0.0/0 0.0.0.0/0 tcp src eq 23
2 deny 0.0.0.0/0 0.0.0.0/0 tcp dst eq 23
3 permit 0.0.0.0/0 0.0.0.0/0
This example filters out all Telnet packets while allowing all IP traffic to be seen for the purpose of debugging.
The following is an example of ptrace output:
Command> ptrace ip Packet Tracing Enabled
Command> UDP from 192.77.203.31.520 to 192.77.203.255.520 UDP from 192.77.203.1.520 to 192.77.203.255.520
UDP from 192.77.203.25.127 to 192.77.203.255.125 UDP from 192.77.203.2.520 to 192.77.203.255.520
icmp from 192.77.203.62 to 192.77.203.63 type Echo Request ptrace
Packet Tracing Disabled
