In most cases, you can specify any interface configuration in the PCA Web Console. IN
rare cases, you must make manual changes to interface configuration through the
ctc-conf.xml
file.
- Setting
- Description
All Traffic
- This option captures all packets to or from any host on the network segment. When you select to
capture all required traffic, the description is an empty statement that matches all possible TCP/IP
packets. It is the same as running the command:
tcpdump -n -i eth0
In the
ctc-conf.xml
file, the choice to capture all traffic translates into the following XML:<ListenTos> <ListenTo>*</ListenTo> </ListenTos>
Specific Ports on All Hosts
- This option captures packets to or from any host but only on specific ports. When selected, you
must specify one or more TCP/IP port numbers. The resulting description matches any packet that is
destined for or sent to at least one of the ports you specify. For example, suppose you specified
ports 99, 199, and 200. The resulting description of the packets to match would be the same as
running the following command:
tcpdump -n -i eth0 "((port 99) or (port 199) or (port 200))"
In the
ctc-conf.xml
file, the previous example would translate into the following XML:<ListenTos> <ListenTo> <Port>99</Port> </ListenTo> <ListenTo> <Port>199</Port> </ListenTo> <ListenTo> <Port>200</Port> </ListenTo> </ListenTos>
Specific Host-Port Combinations
- This option captures only those packets to or from specific host-port combinations. When selected, you can specify the host and corresponding ports for that host that must be captured. The resulting description matches at least one of the combinations where the source or destination host matches the host that is specified, and the source or destination port matches the specified port.
Suppose you specified the following host and port combinations.
- Host
- Port
- 127.0.0.1
- 80
- 172.16.0.1
- 1
- 172.16.0.2
- 2
The corresponding command to record the same traffic would be the following single command:
tcpdump -n -i eth0 "((host 127.0.0.1 and port 80) or \
(host 172.16.0.1 and port 1) or (host 172.16.0.2 and port 2))"
In the ctc-conf.xml
file, the previous example would translate into the
following XML:
<ListenTos>
<ListenTo>
<Address>127.0.0.1</Address>
<Port>80</Port>
</ListenTo>
<ListenTo>
<Address>172.16.0.1</Address>
<Port>1</Port>
</ListenTo>
<ListenTo>
<Address>172.16.0.2</Address>
<Port>2</Port>
</ListenTo>
</ListenTos>