Take Packet Capture From Command Line

Updated 1 month ago by admin

In order to diagnose certain issues, Censornet Technical Support may need to obtain packet captures that show the connections being made when an error occurs. This allows us to examine what is happening 'behind the scenes'.

  1. Login to the USS Gateway command line using Putty (Download: 32 Bit or 64 Bit). Enter the IP address of the USS Gateway server and click open. When prompted for a username and password, please enter the credentials you created when you first installed the USS Gateway (note: this is not your Username and Password for the USS Dashboard). Once logged in, run the command
sudo su

to become root user.

  1. Now run the command
tcpdump -i any -s 0 -p -w /tmp/trace.pcap 'host x.x.x.x'

replacing the x.x.x.x with the IP address of the machine you want to capture.

  1. Attempt to re-create the error in your browser app. Once the error has been re-created, go back into the command line window and type Ctrl + C to stop the capture.
  2. Run the command
cp /tmp/trace.pcap /var/www

This allows you to be able to download the packet capture straight from your browser by visiting http://<<ip-of-ussgateway>>/trace.pcap

  1. You can analyze the capture yourself by opening it with Wireshark or send it to support@censornet.com for Technical Support to take a look at. If the latter is the case, please give a detailed explanation of the error so we know what to look for.

How did we do?