Wednesday, September 25, 2019

SOLARIS: SNOOP Useful Commands For Network Packet Captures

snoop is a network packet capture tool for Solaris, similar to tcpdump on Linux.

Below are some snoop command examples.

snoop command to capture packets on a specific interface for a specific host (hostname or IP address) that the packets are coming from.

snoop -q -I <interface name> -o <filename> <IP to capture packets>

For example, to capture packets on the ipmp3 interface coming from external IP 10.10.10.1 and save the output to the file /tmp/snoop.out, the command looks as follows:

snoop -q -I ipmp3 -o /tmp/snoop.out 10.10.10.1

snoop command to exclude packets on port 22, the SSH port, from the capture.

snoop -q -I <interface name> -o <filename> <IP to capture packets> not port 22

For example, to capture packets on the ipmp3 interface coming from external IP 10.10.10.1, excluding SSH traffic on port 22, and save the output to the file /tmp/snoop.out, the command looks as follows:

snoop -q -I ipmp3 -o /tmp/snoop.out 10.10.10.1 not port 22

snoop command to just see the packets on the console without capturing them to a file.

snoop -q -I <interface name>

For example, to see the packets on the ipmp3 interface coming from external IP 10.10.10.1, the command looks as follows:

snoop -q -I ipmp3 10.10.10.1

snoop command to read the snoop capture file.

snoop -i <filename>
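Files written with -o use the snoop capture file format documented in RFC 1761. As an added example (not from the original post), this Python parser reads such a file away from the Solaris host and reports how many packets were cut short or dropped during the capture. The function names and the sample bytes are constructed for illustration, and the datalink type is returned as a number without being interpreted.

```python
import struct

SNOOP_MAGIC = b"snoop\x00\x00\x00"   # RFC 1761 identification pattern
FILE_HDR = struct.Struct(">8sII")    # magic, version, datalink type (big-endian)
REC_HDR = struct.Struct(">IIIIII")   # orig_len, incl_len, rec_len, drops, sec, usec

def parse_snoop(data):
    """Return (version, datalink, records) from the bytes of a snoop -o file."""
    if len(data) < FILE_HDR.size:
        raise ValueError("too short for a snoop file header")
    magic, version, datalink = FILE_HDR.unpack_from(data, 0)
    if magic != SNOOP_MAGIC:
        raise ValueError("not a snoop capture file")
    records, off = [], FILE_HDR.size
    while off < len(data):
        if off + REC_HDR.size > len(data):
            raise ValueError(f"truncated record header at offset {off}")
        orig, incl, rec_len, drops, sec, usec = REC_HDR.unpack_from(data, off)
        if rec_len < REC_HDR.size + incl or off + rec_len > len(data):
            raise ValueError(f"bad record length at offset {off}")
        start = off + REC_HDR.size
        records.append({
            "ts": sec + usec / 1_000_000,
            "orig_len": orig, "incl_len": incl, "drops": drops,
            "data": data[start:start + incl],
        })
        off += rec_len  # record length includes the header and trailing pad
    return version, datalink, records

def summarize(records):
    """Count packets kept, packets cut short, and packets the capture dropped."""
    truncated = sum(1 for r in records if r["incl_len"] < r["orig_len"])
    dropped = records[-1]["drops"] if records else 0  # the drops field is cumulative
    return {"packets": len(records), "truncated": truncated, "dropped": dropped}

def build_record(payload, orig_len, drops, sec, usec):
    """Build one constructed record, padded to a 4-byte boundary."""
    pad = -len(payload) % 4
    hdr = REC_HDR.pack(orig_len, len(payload), REC_HDR.size + len(payload) + pad, drops, sec, usec)
    return hdr + payload + b"\x00" * pad

# Constructed sample: version 2, datalink type 4 (Ethernet), two records; not real traffic.
SAMPLE = (FILE_HDR.pack(SNOOP_MAGIC, 2, 4)
          + build_record(b"\xaa" * 14, 14, 0, 1569369600, 250000)
          + build_record(b"\xbb" * 10, 60, 3, 1569369601, 0))

if __name__ == "__main__":
    version, datalink, recs = parse_snoop(SAMPLE)
    print(version, datalink, summarize(recs))
```

To check a real capture, pass the bytes of the file (for example /tmp/snoop.out copied from the host) to parse_snoop; a non-zero dropped count means the capture is incomplete.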


Products to which Article Applies

Solaris Operating Systems

Additional Reference

https://www.thegeekdiary.com/solaris-snoop-15-awesome-practical-examples/

 

tarun boyella

