Filter
Top Products
13-7
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 13 Displaying and Capturing Live Traffic on an Interface
Erasing the Packet File
Note The exact format of the source and destination URLs varies according to the file.
–
ftp:—Destination URL for an FTP network server. The syntax for this prefix is:
ftp:[//[username@] location]/relativeDirectory]/filename
ftp:[//[username@]location]//absoluteDirectory]/filename
–
scp:—Destination URL for the SCP network server. The syntax for this prefix is:
scp:[//[username@] location]/relativeDirectory]/filename
scp:[//[username@] location]//absoluteDirectory]/filename
Note When you use FTP or SCP protocol, you are prompted for a password.
To copy packets files to an FTP or SCP server, follow these steps:
Step 1 Log in to the CLI using an account with administrator privileges.
Step 2 Copy the packet-file to an FTP or SCP server.
sensor# copy packet-file scp://jbrown@209.165.200.225/work/
Password: *********
packet-file 100% 1670 0.0KB/s 00:00
sensor#
Step 3 View the packet file with Wireshark or TCPDUMP.
Erasing the Packet File
Use the erase packet-file command to erase the packet file. There is only one packet file. It is 16 MB
and is over-written each time you use the packet capture command. To erase the packet file, follow
these steps:
Step 1 Display information about the current captured packet file.
sensor# packet display file-info
Captured by: cisco:1514, Cmd: packet capture GigabitEthernet0/1
Start: 2005/02/15 03:55:00 CST, End: 2005/02/15 03:55:05 CST
sensor#
Step 2 Erase the packet file.
sensor# erase packet-file
sensor#
Step 3 Verify that you have erased the packet file.
sensor# packet display file-info
No packet-file available.
sensor#