USRobotics NETServer/8 User Manual

Administrative Tools 9-9

Ptrace

This command lets you monitor network traffic at the packet
level. Use the following command:

ptrace <filter name>

Note that if you type the command without specifying a packet
filter, ptrace is disabled.

Keep in mind that this packet filter does not function like an
output or input packet filter. It does not discard packets that do
not meet its rules, it simply reports on those packets which do
meet its criteria.

When the command is issued, all packets received by the
NETServer are evaluated against the packet filter specified in
the command. If a packet meets the filter’s criteria, a message is
displayed on the command line. The message includes informa-
tion on the source and destination of the packet, the protocol
used, and information specific to that protocol.

When accessing the NETServer via a Telnet session, make sure
you filter out the administrative Telnet packets. Otherwise,
ptrace will report packets from the administrator’s own ptrace
output, causing a large amount of unusable packet tracing
information.

The following is an example filter for PTRACE:

1 deny 0.0.0.0/0 0.0.0.0/0 tcp src eq 23
2 deny 0.0.0.0/0 0.0.0.0/0 tcp dst eq 23
3 permit 0.0.0.0/0 0.0.0.0/0

This example filters out all Telnet packets while allowing all IP
traffic to be seen for the purpose of debugging.

The following is an example of ptrace output:

Command> ptrace ip
Packet Tracing Enabled
Command> UDP from 192.77.203.31.520 to 192.77.203.255.520
UDP from 192.77.203.1.520 to 192.77.203.255.520
UDP from 192.77.203.25.127 to 192.77.203.255.125
UDP from 192.77.203.2.520 to 192.77.203.255.520
icmp from 192.77.203.62 to 192.77.203.63 type Echo Request
ptrace
Packet Tracing Disabled