Tuesday, October 8, 2013

Mikrotik mangle Sniff TZSP, trafr, tcpdump on Wheezy 



Mikrotik router:

[admin@MikroTik] > ip firewall mangle print detail
Flags: X - disabled, I - invalid, D - dynamic 
 0   ;;; 91.217.189.21/portlane.se.quakenet.org irc traffic sniffing test
     chain=prerouting action=sniff-tzsp sniff-target=192.168.199.20 sniff-target-port=37008 protocol=tcp src-address=192.168.199.0/24 dst-port=6667



Wheezy (sniff target):

cmd>root# apt-get update && apt-get install tcpdump

cmd>user# wget http://www.mikrotik.com/download/trafr.tgz
cmd>user# tar -zxvf trafr.tgz
cmd>user# ./trafr -s | /usr/sbin/tcpdump -A -r - -n
Posted by at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)