Rechercher une page de manuel
raddump
Langue: en
Version: 147062 (fedora - 04/07/09)
Section: 1 (Commandes utilisateur)
NAME
raddump - decipher captured RADIUS packetsSYNOPSIS
raddump [-?vsn] < pktfileDESCRIPTION
raddump(1) interprets captured RADIUS packets to print details about them, including a timestamp, packet lengths, RADIUS packet type, source and destination hosts and ports, and included attribute names and values. It is primarily useful in conjunction with packet capture programs such as tcpdump(1) or snoop(1M), and can be used either on a saved file or in a pipeline to monitor ongoing communications.raddump(1) currently understands packet traces that are RFC 1761-compliant (e.g. those produced by snoop v2) as well as those that are stored in the libpcap format (e.g. those produced by tcpdump). raddump(1) is able to distinguish these file formats on the fly, so it is not necessary to indicate which type of trace you are feeding it.
OPTIONS
- -?
- print a usage summary
- -v
- increase verbosity of output. Multiple -v arguments increase verbosity. Without any -v's, raddump(1) will print simply a one-line summary per packet consisting of timestamp, source and destination host and port, RADIUS packet type, and RADIUS packet size.
With one -v argument, raddump(1) will also print any attributes contained in the packet, including the attribute name and value. For attributes containing binary data, the actual contents are not printed, just a summary indicating the size of the binary data.
With two -v arguments, raddump(1) will additionally print a hex dump of any attributes containing binary data.
- -n
- By default, raddump(1) does a reverse DNS lookup on the source and destination IP addresses and prints the associated hostnames. The -n switch suppresses this lookup, so that raddump(1) will simply print the IP addresses in dotted quad notation.
- -s
- Print short hostnames. If hostnames are being printed, omit the domain part of the hostname.
EXAMPLES
With a saved packet trace:
-
$ raddump < pktfile
For real-time monitoring with snoop:
-
$ mkfifo ./snoopfifo $ snoop -q -s 1500 -o ./snoopfifo udp port 1812 & $ raddump < snoopfifo
For real-time monitoring with tcpdump:
-
$ tcpdump -s 1500 -w - udp port 1812 | raddump
SEE ALSO
tcpdump(1), snoop(1M), pcap(3), RFC 1761AUTHORS
The original author of raddump(1) was Jon Moore.BUGS
Please send bug reports, enhancements, or questions to:-
jonm@isc.upenn.edu
Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre