Ethereal/Wireshark

From MikroTik Wiki
Revision as of 08:39, 16 September 2008 by SergejsB (talk | contribs) (Add content to Wireshark)

MikroTik RouterOS configuration

Configure the sniffer to stream to the device running Wireshark:

/tool sniffer set streaming-enabled=yes streaming-server=ip.of.wireshark.box 
/tool sniffer start

Ethereal/Wireshark configuration

Wireshark is a commonly used network protocol analyzer for Unix and Windows. It is available as a free download from the project homepage, http://www.wireshark.org/

To accept the sniffer's TZSP stream, configure Wireshark as follows:

  • Make sure you accept UDP in Wireshark (TZSP uses UDP to transport data);
  • You may need to disable the WCCP protocol in Wireshark (Analyze/Enabled Protocols), because it collides with TZSP and, by default, frames may be decoded as WCCP rather than TZSP;
  • For streaming wireless sniffer captures (interface wireless sniffer), make sure you are running the newest Wireshark and the newest RouterOS.