[j-nsp] Files tcpdump of Junos on Wireshark.

Kevin Cullimore kcullimo at runbox.com
Wed Dec 1 00:13:59 EST 2010


On 11/30/2010 8:47 PM, David Lockuan wrote:
> Hi guys,
>
> I was testing the hidden command of JunOS, " monitor traffic write-file
> <name_files>  interface xx-X/X/X". In theory, this files is with format
> tcpdump but when I try to see with Wireshark, it don't show me on detail of
> the packet.
>
> I see that the wireshark detect a protocol "juniper", I don't know how to
> decode this part or maybe I need a particular library to wireshark.
>
> Has someone used this command??
>
> Thanks for all.
>
> Best regards,
>
I vaguely recall having to use a non-default sample size (in bytes). If 
the resulting output consists of sufficiently small packet sizes, the 
only details to typically left to decode are the L2-L4 headers.


More information about the juniper-nsp mailing list