[HP-UX] nettl ¿¹Á¦ (tcpdump)
ÀÛ¼ºÀÚ °ü¸®ÀÚ ÀÛ¼º½Ã°£ 2018-04-22 01:01:12
 

nettl°ú netfmtÀÇ ±âº» ¿¹Á¦ÀÔ´Ï´Ù.

example)
# nettl -start
# nettl -tn all -e ns_ls_ip -f /tmp/test_ip
# nettl -status

# vi /tmp/filterfile
filter ip_saddr 1.7.100.54
filter ip_daddr 1.7.100.54

# netfmt -Nnl1c /tmp/test_filterfile -f /tmp/test_ip.TRC0 > /tmp/test_file
# cat /tmp/test_file

±¸¼º Á¤º¸:
¿î¿µÃ¼Á¦ - HPUX
¹öÀü -  TRACING
Çϵå¿þ¾î ½Ã½ºÅÛ -
½Ã¸®Áî -

´ä]

TRACE INFO °®±â
´ÙÀ½Àº nfs Ŭ¶óÀ̾ðÆ®¿¡¼­ mount ¸í·É¾î¸¦ ¼öÇàÇϸ鼭 nfs ¼­¹ö¿¡¼­ trace¸¦ ÃëÇÏ´Â ¿¹Á¦ÀÔ´Ï´Ù.
ÀÌ°ÍÀº ±âº» ¿¹Á¦À̹ǷÎ, °³º° ¿É¼Ç ÀÌÇظ¦ À§ÇØ nettl°ú netfmtÀÇ man ÆäÀÌÁö¸¦ ÂüÁ¶ÇÕ´Ï´Ù.

nettl - trace ÆÄÀÏ ¸¸µé±â

1. nfs ¼­¹ö¿¡¼­ trace¸¦ ½ÃÀÛÇÕ´Ï´Ù.

  # nettl -tn pduin pduout -e ns_ls_ip -f /tmp/nfssvr
    ¶Ç´Â
  # nettl -tn pduin pduout -e all -f /tmp/nfssvr
    ¶Ç´Â
  # nettl -tn 0x30800000 -e all -size 1024 -tracemax 99999 -f /tmp/nfssvr

  ÁÖÀÇ: ns_ls_ip µå¶óÀ̹ö´Â ipÀ§·Î ¿î¹ÝµÇÁö ¾Ê´Â ¸µÅ© ·¹À̾î Æ®·¡ÇÈÀ̳ª ÇÁ·ÎÅäÄÝ¿¡ ´ëÇÑ 
        ƯÁ¤ Á¤º¸°¡ ÇÊ¿äÇÏÁö ¾Ê´Ù¸é ´ëºÎºÐÀÇ °æ¿ì ÃæºÐÇÕ´Ï´Ù.

2. nfs Ŭ¶óÀ̾ðÆ®¿¡¼­ mount ¸í·É¾î¸¦ ½ÇÇàÇÕ´Ï´Ù:

  # mount nfs_server:/export-mnt-pnt  /local-mnt-pnt

3. nfs¼­¹ö¿¡¼­ trace¸¦ Á¤ÁöÇÕ´Ï´Ù:

  # nettl -tf -e all

netfmt - trace ÆÄÀÏ Æ÷¸ËÇϱâ

1. ĸÃÄ ÆÄÀÏ¿¡¼­ ¸ðµç ÆÐŶ¿¡ 1-liner trace ºÐ¼® ÆÄÀÏÀ» ¸¸µì´Ï´Ù:

  # netfmt -Nnl1f /tmp/nfssvr.TRC0 > /tmp/trace.txt

2. ĸÃÄ ÆÄÀÏ¿¡¼­ ¸ðµç ÆÐŶÀÇ ÀÚ¼¼ÇÑ trace ºÐ¼®°á°ú¸¦ ¸¸µì´Ï´Ù:

  # netfmt -Nnlf /tmp/nfssvr.TRC0 > /tmp/trace.txt

3. ÆÐŶ ÇÊÅ͸¦ »ç¿ëÇÏ¿© 1-liner trace ºÐ¼® ÆÄÀÏÀ» ¸¸µì´Ï´Ù.

  # netfmt -Nnl1c /tmp/filterfile -f /tmp/nfssvr.TRC0 > /tmp/trace.txt


netfmt ÆÐŶ ÇÊÅÍ

"°ü½É" ÀÖ´Â ÆÐŶÀ» º¸·Á¸é, ÇÊÅÍ ÆÄÀÏÀ» ¸¸µé°í /tmp/filterfileÀ¸·Î Á¤ÇÏ°í À§¿¡¼­ ¼³¸íÇÑ
netfmt ¸í·É¾î¿Í °áÇÕÇÏ¿© »ç¿ëÇÕ´Ï´Ù. ´ÙÀ½Àº ÁÖ¾îÁø ±âÁØÀ» ¹ÙÅÁÀ¸·Î ÇÊÅ͸µÇÏ´Â ¹æ¹ý¿¡ ´ëÇÑ
¿¹Á¦ÀÔ´Ï´Ù:

1. nettl trace¸¦ ±¸µ¿Çϴ ȣ½ºÆ®¿¡ ÀÇÇØ IP ¾îµå·¹½º·Î Àü¼ÛµÇ°Å³ª ¼ö½ÅµÇ´Â ÆÐŶÀ» º¸·Á¸é:

  filter ip_saddr 192.6.2.1
  filter ip_daddr 192.6.2.1

2. nettl trace¸¦ ±¸µ¿Çϴ ȣ½ºÆ®¿¡ ÀÇÇØ ÀÌ´õ³Ý ¾îµå·¹½º·Î Àü¼ÛµÇ°Å³ª ¼ö½ÅµÇ´Â ÆÐŶÀ» º¸·Á¸é:
  filter source 08-00-09-00-12-3c
  filter dest 08-00-09-00-12-3c

3. trace¸¦ ÇÏ°í Àִ ȣ½ºÆ®·Î Àü¼ÛµÇ°Å³ª ¼ö½ÅµÇ´Â ÆÐŶÀ» º¸·Á¸é:
  NFS ÆÐŶÀ» º¸·Á¸é:

  filter udp_sport 2049 /* UDP port 2049 = nfsd */
  filter udp_dport 2049 /* UDP port 2049 = nfsd */

4. trace¸¦ ÇÏ°í Àִ ȣ½ºÆ®·Î Àü¼ÛµÇ°Å³ª ¼ö½ÅµÇ´Â ÆÐŶÀ» º¸·Á¸é;
  ÅÚ³Ý ÆÐŶ¸¸À» º¸·Á¸é:

  filter tcp_sport 23 /* TCP port 23 = telnet */
  filter tcp_dport 23 /* TCP port 23 = telent */

ÁÖÀÇ: ´ÙÁß ÇÊÅÍ°¡ »ç¿ëµÇ¸é, ³í¸®ÀûÀ¸·Î " AND"µÇ°í "OR"µÇÁö ¾Ê½À´Ï´Ù:
    ¿¹:

        filter ip_saddr 192.6.2.1
        filter ip_daddr 192.6.2.1
        filter tcp_sport 23 /* TCP port 23 = telnet */

      ÀÌ ÇÊÅÍ´Â ip ¾îµå·¹½º 192.6.2.1À» °®´Â ½Ã½ºÅÛÀ¸·Î/¿¡¼­ ¿ÀÁ÷ ÅÚ³Ý Ä¿³Ø¼Ç ¿äûÀ» 
      Æ÷¸ËÇÒ °ÍÀÔ´Ï´Ù

"ÁøÇàÁßÀÎ" ÆÐŶ °üÂûÀ» À§Çؼ­´Â

"ÁøÇàÁßÀÎ" ÆÐŶ °üÂûÀ» À§ÇÑ nettl_netfmt ¿î¿µ ¹æ¹ý:

´ÙÀ½ ¸í·É¾î°¡ ½ºÅ©¸°¿¡ trace ÆÄÀϷΠǥ½ÃÇÏ°í, Ãâ·ÂÀ» ÆÄÀÏ·Î ¸¸µì´Ï´Ù. -e ÆĶó¹ÌÅÍ·Î µå¶óÀ̹ö¸¦
ÁöÁ¤ÇÒ ¼ö ÀÖ½À´Ï´Ù:

  # nettl -tn 0x30800000 -e all | netfmt -FNnlc /tmp/filterfile | tee /tmp/fmt0

trace¸¦ Á¤ÁöÇϱâ À§Çؼ­´Â:

À§¿¡ ½ÃÀÛµÈ nettl ¸í·É¾î¿¡ CTRL/C¸¦ ´©¸£°í ³ª¼­,
  # nettl -tf -e all

Æ÷¸ËµÈ trace ÆÄÀÏÀº /tmp/fmt0 ÆÄÀÏÀÌ µË´Ï´Ù. À̶§ ¸¸µé¾îÁø ¾î¶² rawÆÄÀϵµ ¾ø½À´Ï´Ù.


Ãâó: http://newposting.tistory.com/entry/HP-UX-nettl°ú-netfmt-¿¹Á¦ [ICQ 15161909]