FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
cskuan
Staff
Staff
Article Id 197682

Description

 

This article describes how to sniff packets for a specific MAC Address on FortiGate with CLI commands.

 

Scope

 

Any supported version of FortiGate.

Solution


Below is the command to sniff packet by MAC Address on FortiGate with CLI commands:

To sniff the MAC Address when it is 'Source MAC = 00:09:0f:89:10:ea':

Method 1:

 

diagnose sniffer packet <interface> "ether src 00:09:0f:89:10:ea"

 

Method 2:

 

diagnose sniffer packet any '(ether[6:4]=0x00090f89) and (ether[10:2]=0x10ea)' 4

 

To sniff the MAC Address when it is 'Destination MAC = 00:09:0f:89:10:ea':

Method 1:

 

diagnose sniffer packet <interface> "ether dst 00:09:0f:89:10:ea"

 

Method 2:

 

diagnose sniffer packet any '(ether[0:4]=0x00090f89) and (ether[4:2]=0x10ea)' 4

 

To sniff the MAC Address when it is 'Source/Destination MAC = 00:09:0f:89:10:ea'

 

diagnose sniffer packet <interface> "ether host 00:09:0f:89:10:ea"