I am using smitty to create and configure a print queue. I am giving a print of a text file to the print queue created. I am using this in network.
How to capture network packets of the print from AIX to the printer and printer to AIX.
I tried Wireshark to capture network packets.
I am able to get only 'ack' packets that has been sent from printer to AIX.
I want to capture network packets from both the sides.
I tried this using a 10Mbps hub with Windows PC with Wireshark installed, AIX and Printer.
but if i connect only these 3 using 10Mbps hub i am not able to ping from AIX to windows or printer.
and i could see the network packets captured to and fro the AIX and printer.
Actually I want to print from AIX to printer and capture the packets that has been sent from AIX and ack received from printer.
Both I am able to receive thru' the iptrace command.
Actually i want to capture it in wireshark(both to and fro packets).
Wireshark is capturing more TCP datas than iptrace. but only issue is I am getting only ack packets from printer.
Please help how to get both to and fro packets transformation from AIX.
or the iptrace command to list complete details of the TCP packets.
If i execute that command following error message is displayed.
tcpdump: BIOCSETIF: en0: Do not specify an existing file.
Please help me out in solving the error.
After capturing the data from the below command, i am using ipreport command to redirect it.I am not able to open this in Wireshark as explained in The Wireshark Network Analyzer 1.1.2.
Too little information... If you want answers you need to supply information first as my crystal ball is undergoing maintenance these days... How To Ask Questions The Smart Way
Which command did you mean? What user do you use tcpdump with? Do you use tcpdump from AIX or tcpdump from the Linux Toolbox?
What exactly do you do? Which way do you transfer the report file to what type of machine?
I have configure Wireshark in Windows. I copied ipreport.network to windows pc and then tried to open it using wireshark. I got the error message "The file format is not supported".
Will ethereal compile in AIX 6.1 also..
Please let me know if more information is required.
Does the traffic flow over the first interface? What happens if you just do
# tcpdump host <printer_ip>
If it works add -vvv option to get more packet information.
Using iptrace with AIX became somewhat old fashioned since tcpdump entered AIX (at version 4.2 or so) hence I still recommend using tcpdump instead. I consider it possible that AIX iptrace output is somewhat "different" than what current versions of Wireshark expect. If you insist on using iptrace make sure that the file is not damaged during transfer.
Opposed to the link information bakunin supplied Wireshark compiles fine long since at least 0.9.9.5. on AIX 5.3 but you need to know your AIX to prepare the environment correctly. Hint: if you want to compile Wireshark yourself GNU compilers (current versions) seem to me more suitable for this job than the IBM compilers. However, to catch simple TCP packets even Ethereal (Wireshark's predecessor) might suffice. Ethereal 0.8.x.x has been available from the IBM AIX Linux Toolbox for years now.
Don't use bash when debuging AIX problems. AIX default shell is ksh. Using this oh so compatible "bash" or other non default shell will work just like AIX ksh in 99.9% of the time and the missing 0.1% compatibility might cause you many headaches.
If tcpdump complains about "no suitable device found" Ethereal/Wireshark won't work either.
Make sure that filest bos.net.tcp.adt is installed on your server. Then check whether the Berkeley Paket Filters are there: /dev/bpfx (with x being a number ranging from 0 to 3, i.e. four devices). These filters are not available per default. You need to run tcpdump from AIX (NOT from the Toolbox or any other source) once to get these filters created. Afterwards any tcpdump version should work.
As long as you use the adapter in question you cannot. I.e. you are loged in via en0 and your session would terminate during the change. Use the chdev -P parameter to change the value in the adapter's ODM only and the change will take place on next reboot. If you can access the server through another interface you can take the en0 down and change it without reboot. Same applies if you can access the server through a serial console.
You could even do this online by placing all commands into a command line (script) but if it fails you are locked out. That is why the first two ways to accomplish your aim are preferable if you want to do it online.