WHAT TO EXPECT
Users on Linux can use a cloudSwXtch-specific version of tcpdump called swx-tcpcump. This tool helps with capturing multicast packets sent to and from the cloudSwXtch. It is the same as tcpdump, but with logic to decode our own header and display the original multicast payload.
In this article, users will learn about the available arguments for swx-tcpdump.
Using swx-tcpdump
Execute the following command:
swx-tcpdumpNOTE
The default interface is swx0 (used with xNIC Type 1 and 3). If the multicast is running on a different interface, then the user will need to specify that interface. To get a list of interfaces you can use
ip a. After you get the name of the correct interface, you can use the-iargument followed by your desired interface name.
Example:
swx-tcpdump -i ens6Additional arguments
Users can use the -h argument, as shown below, to get a list of available arguments for swx-tcpdump.
$ swx-tcpdump -h
swx-tcpdump version 5.0.0-PRE-GIT
libpcap version 1.10.4 (with TPACKET_V3)
OpenSSL 3.0.13 30 Jan 2024
Usage: swx-tcpdump [-AbdDefhHIJKlLnNOpqStuUvxX#] [ -B size ] [ -c count ] [--count]
[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
[ -i interface ] [ --immediate-mode ] [ -j tstamptype ]
[ -M secret ] [ --number ] [ --print ]
[ --print-sampling nth ] [ -Q in|out|inout ] [ -r file ]
[ -s snaplen ] [ -T type ] [ --version ]
[ -V file ] [ -w file ] [ -W filecount ] [ -y datalinktype ]
[ --time-stamp-precision precision ] [ --micro ] [ --nano ]
[ -z postrotate-command ] [ -Z user ] [ expression ]Users can see the man page of the original tcpdump page.