Successfully pass the free certification exam at IW Academy and become an Infinet Certified Engineer.
Description
RPCAP (Remote Packet Capture) protocol provides the ability to remotely capture packets passed over the network, allows the remote control and analysis of the transit data flows.
RPCAP protocol consists of a server side daemon and a client side application. The client application (packet analyzer) connects to the server daemon, gives instructions which packets should be captured and manages the whole process. The server daemon sniffs the network traffic, captures the requested packets and passes them to the client side of the process to analyze the captured packets.
The InfiNet Wireless devices support RPCAP protocol and have a built-in RPCAP server daemon. It can be enabled and configured using the "rpcapd" command.
Syntax:
rpcapd -user=USERNAME -key[=PASSWORD] [add|del|change] rpcapd [-port[=PORT]] [-maxconn[=MAXCONNECTIONS]] [start|stop] rpcapd [-buffersize=[SND_BUFFER_SIZE]] rpcapd {trace|notrace} rpcapd show [-s=SOURCENAME] rpcapd source rpcapd clear
Parameters
Parameter | Description |
---|---|
-user=USERNAME -key[=PASSWORD] [add|del|change] | Allows to manipulate with user accounts which are used to connect to the RPCAP server
NOTE If no user account is configured in the system the RPCAP server daemon will reject all connections. For allowing any user account to connect to the server, use empty "user" and "key" parameters. |
[-port[=PORT]] [-maxconn[=MAXCONNECTIONS]] [start|stop] | Starts/Stops the RPCAP server daemon.
If no "port" or "maxconn" values are specified, the command sets the default RPCAP port value (2002) and unlimited number of allowed concurrent client connections. |
[-buffersize=[SND_BUFFER_SIZE]] | Sets the internal buffer size of the daemon for sending the captured packets to the client application. The default buffer size is 32Kb. |
{trace|notrace} | Enables/Disables writing daemon debug output to the unit’s system log. |
show [-s=SOURCENAME] | Displays all currently active connections.
|
source | Displays the list of sources for this device that are available for monitoring via the RPCAP protocol. |
clear | Clears the configuration and stops the daemon. |
Examples
Allow any user account to connect to the server using the RPCAP protocol. rpcapd -user= -key= |
Use the "source" parameter to display the list of all sources available for this device rpcapd source Type Name Description ---- --------------- -----------... I eth0 eth0 [link up-fd 100Mbps]=8103<UP,BROADCAST,PROMISC,MULTICAST> I rf5.0 rf5.0 [link up-hd 225Mbps]=8103<UP,BROADCAST,PROMISC,MULTICAST> I svi1 [virtual]=8003<UP,BROADCAST,MULTICAST> I tun0 [virtual]=8010<POINTOPOINT,MULTICAST> A mint_rf5.0 rf5.0 MINT payload |