Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
551
Views
0
Helpful
1
Replies

packet display question

bmcelyea
Level 1
Level 1

‎10-04-2006 09:41 AM - edited ‎03-10-2019 03:15 AM

I am having trouble passing arguments to tcpdump via the packet display command.

The tcpdump command I am trying to use is:

tcpdump -nvvX host 10.0.0.1

It seems I should use:

packet display GigabitEthernet0/0 expression -nvvX host 10.0.0.1

This doesnt work

This works:

packet display GigabitEthernet0/0 expression -nvvX

and this works:

packet display GigabitEthernet0/0 expression host 10.0.0.1

I cant get both working at the same time?

How do I pass two arguments throough the packet display command?

Labels:
0 Helpful
1 Reply 1

mhellman
Level 7
Level 7

‎10-04-2006 10:24 AM

I don't think that you're supposed to be able to provide ANY options to tcpdump like that. What you've found might be a bug. For example, I can bypass the normal file and size limitations for this command now by using a "...expression -wfoo.cap". Unfortunately, I can't provide a meaningful expression otherwise.

In any event, the -n option appears to be the default. The -v option is replaced with the keyword "verbose". I couldn't find a combination that allowed for -X and an actual expression.

I think you'll have to use packet capture.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card