diff options
| author | Aaron Conole <aconole@redhat.com> | 2016-06-08 17:49:55 -0400 |
|---|---|---|
| committer | Ben Pfaff <blp@ovn.org> | 2016-06-23 15:02:38 -0700 |
| commit | 314ce6479a8380e2aeaa53eb5bab96a23c06d62d (patch) | |
| tree | 485a65f00c155d97931d61d9b15687f3efbf4a5e /utilities/ovs-tcpdump.8.in | |
| parent | 8e2b26562c2e82fd4492d4a27aa24238e47b022a (diff) | |
| download | openvswitch-314ce6479a8380e2aeaa53eb5bab96a23c06d62d.tar.gz | |
ovs-tcpdump: Add a tcpdump wrapper utility
Currently, there is some documentation which describes setting up and
using port mirrors for bridges. This documentation is helpful to setup
a packet capture for specific ports.
However, a utility to do such packet capture would be valuable, both
as an exercise in documenting the steps an additional time, and as a way
of providing an out-of-the-box experience for running a capture.
This commit adds a tcpdump-wrapper utility for such purpose. It uses the
Open vSwitch python library to add/remove ports and mirrors to/from the
Open vSwitch database. It will create a tcpdump instance listening on
the mirror port (allowing the user to specify additional arguments), and
dump data to the screen (or otherwise).
Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Diffstat (limited to 'utilities/ovs-tcpdump.8.in')
| -rw-r--r-- | utilities/ovs-tcpdump.8.in | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/utilities/ovs-tcpdump.8.in b/utilities/ovs-tcpdump.8.in new file mode 100644 index 000000000..ecd093791 --- /dev/null +++ b/utilities/ovs-tcpdump.8.in @@ -0,0 +1,51 @@ +.TH ovs\-tcpdump 8 "@VERSION@" "Open vSwitch" "Open vSwitch Manual" +. +.SH NAME +ovs\-tcpdump \- Dump traffic from an Open vSwitch port using \fBtcpdump\fR. +. +.SH SYNOPSIS +\fBovs\-tcpdump\fR \fB\-i\fR \fIport\fR \fBtcpdump options...\fR +. +.SH DESCRIPTION +\fBovs\-tcpdump\fR creates switch mirror ports in the \fBovs\-vswitchd\fR +daemon and executes \fBtcpdump\fR to listen against those ports. When the +\fBtcpdump\fR instance exits, it then cleans up the mirror port it created. +.PP +\fBovs\-tcpdump\fR will not allow multiple mirrors for the same port. It has +some logic to parse the current configuration and prevent duplicate mirrors. +.PP +The \fB\-i\fR option may not appear multiple times. +.PP +It is important to note that under \fBLinux\fR based kernels, tap devices do +not receive packets unless the specific tuntap device has been opened by an +application. This requires \fBCAP_NET_ADMIN\fR privileges, so the +\fBovs-tcpdump\fR command must be run as a user with such permissions (this +is usually a super-user). +. +.SH "OPTIONS" +.so lib/common.man +. +.IP "\fB\-\-db\-sock\fR" +The Open vSwitch database socket connection string. The default is +\fIunix:@RUNDIR@/db.sock\fR +. +.IP "\fB\-\-dump\-cmd\fR" +The command to run instead of \fBtcpdump\fR. +. +.IP "\fB\-i\fR" +.IQ "\fB\-\-interface\fR" +The interface for which a mirror port should be created, and packets should +be dumped. +. +.IP "\fB\-\-mirror\-to\fR" +The name of the interface which should be the destination of the mirrored +packets. The default is miINTERFACE +. +.SH "SEE ALSO" +. +.BR ovs\-appctl (8), +.BR ovs\-vswitchd (8), +.BR ovs\-pcap (1), +.BR ovs\-tcpundump (1), +.BR tcpdump (8), +.BR wireshark (8). |