Manual Changes to Interface Configuration
In most cases, you can specify any interface configuration in the
DNCA Web Console. IN rare cases, you must make manual changes to interface
configuration through the dcx-conf.xml
file.
- Setting
- Description
All Traffic
- This option captures all packets to or from any host on the network
segment. When you select to capture all required traffic, the description
is an empty statement that matches all possible TCP/IP packets. It
is the same as running the command:
tcpdump -n -i eth0
In the
dcx-conf.xml
file, the choice to capture all traffic translates into the following XML:<ListenTos> <ListenTo>*</ListenTo> </ListenTos>
Specific Ports on All Hosts
- This option captures packets to or from any host but only on specific
ports. When selected, you must specify one or more TCP/IP port numbers.
The resulting description matches any packet that is destined for
or sent to at least one of the ports you specify. For example, suppose
you specified ports 99, 199, and 200. The resulting description of
the packets to match would be the same as running the following command:
tcpdump -n -i eth0 "((port 99) or (port 199) or (port 200))"
In the
dcx-conf.xml
file, the previous example would translate into the following XML:<ListenTos> <ListenTo> <Port>99</Port> </ListenTo> <ListenTo> <Port>199</Port> </ListenTo> <ListenTo> <Port>200</Port> </ListenTo> </ListenTos>
Specific Host-Port Combinations
- This option captures only those packets to or from specific host-port combinations. When selected, you can specify the host and corresponding ports for that host that must be captured. The resulting description matches at least one of the combinations where the source or destination host matches the host that is specified, and the source or destination port matches the specified port.
Suppose you specified the following host and port combinations.
- Host
- Port
- 127.0.0.1
- 80
- 172.16.0.1
- 1
- 172.16.0.2
- 2
The corresponding command to record the same traffic would be the following single command:
tcpdump -n -i eth0 "((host 127.0.0.1 and port 80) or \
(host 172.16.0.1 and port 1) or (host 172.16.0.2 and port 2))"
In the dcx-conf.xml
file, the previous example
would translate into the following XML:
<ListenTos>
<ListenTo>
<Address>127.0.0.1</Address>
<Port>80</Port>
</ListenTo>
<ListenTo>
<Address>172.16.0.1</Address>
<Port>1</Port>
</ListenTo>
<ListenTo>
<Address>172.16.0.2</Address>
<Port>2</Port>
</ListenTo>
</ListenTos>