FortiGate
Babitha_M
Staff
Article Id 258212
Description This article provides some useful filters that can be used with the packet sniffer.
Scope FortiGate.
Solution

The following command is used to trace packets via the CLI:

dia sniffer packet <interface> 'host x.x.x.x' <level>

<interface> <----- The interface can be set to any or to a specific port.

<level>     <----- The level can be from 1 to 6.

 

For example:

dia sniffer packet any 'host 8.8.8.8' 4

 

Below are two filters that are useful when running the packet sniffer:

1. not (!) <----- To exclude a protocol.

2. net     <----- To capture traffic for a whole subnet.

To exclude a specific protocol, use not (!) in front of that protocol in the filter.

 

Here is an example:

dia sniffer packet any 'host 8.8.8.8 and !icmp' 4 <----- This will omit all the ICMP traffic.

dia sniffer packet any 'host 8.8.8.8 and !tcp' 4 <----- This will omit all the TCP traffic.

dia sniffer packet any 'host 8.8.8.8 and !udp' 4 <----- This will omit all the UDP traffic.

 

Secondly, the sniffer can capture packets for a whole subnet.

Here is the command:

dia sniffer packet any 'net 172.31.133.0/24' 4

 

 
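The filter forms shown above (host, net and !protocol), as an added Python example that is not part of the original article or Fortinet's code: it validates each field before assembling the command line and models which packets the filter selects. The helper names, the allowed interface character set, the source-or-destination matching in captured() and the sample packets are assumptions made for illustration.

```python
import ipaddress
import re

PROTOCOLS = {"icmp", "tcp", "udp"}  # the protocols the article's examples exclude

def build_filter(host=None, net=None, exclude=()):
    """Build a filter in the article's syntax, e.g. 'host 8.8.8.8 and !icmp'."""
    if (host is None) == (net is None):
        raise ValueError("give exactly one of host= or net=")
    if host is not None:
        terms = [f"host {ipaddress.ip_address(host)}"]
    else:
        # strict=True rejects a subnet with host bits set, e.g. 172.31.133.5/24
        terms = [f"net {ipaddress.ip_network(net, strict=True)}"]
    for proto in exclude:
        if proto not in PROTOCOLS:
            raise ValueError(f"unsupported protocol: {proto!r}")
        terms.append(f"!{proto}")
    return " and ".join(terms)

def build_command(interface, level, host=None, net=None, exclude=()):
    """Return the full CLI line; every field is validated before it is interpolated."""
    if not re.fullmatch(r"[A-Za-z0-9_.-]+", interface):  # assumed safe character set
        raise ValueError("unexpected characters in interface name")
    if level not in range(1, 7):
        raise ValueError("level must be 1-6")
    return f"diagnose sniffer packet {interface} '{build_filter(host, net, exclude)}' {level}"

def captured(pkt, host=None, net=None, exclude=()):
    """Model of the filter: source OR destination in scope, protocol not excluded."""
    build_filter(host, net, exclude)  # reuse the validation
    scope = ipaddress.ip_network(host if host is not None else net)  # a host is a /32
    in_scope = any(ipaddress.ip_address(pkt[k]) in scope for k in ("src", "dst"))
    return in_scope and pkt["proto"] not in exclude

# Constructed sample packets (not taken from a real capture).
SAMPLE = [
    {"src": "172.31.133.10", "dst": "8.8.8.8", "proto": "icmp"},
    {"src": "172.31.133.10", "dst": "8.8.8.8", "proto": "udp"},
    {"src": "8.8.8.8", "dst": "172.31.133.10", "proto": "udp"},
    {"src": "172.31.134.7", "dst": "1.1.1.1", "proto": "tcp"},
]

if __name__ == "__main__":
    print(build_command("any", 4, host="8.8.8.8", exclude=("icmp",)))
    for pkt in SAMPLE:
        print(pkt, captured(pkt, net="172.31.133.0/24", exclude=("tcp",)))
```
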

Related article:

Technical Tip: Packet capture (sniffer)