Manual:Tools/Packet Sniffer
From MikroTik Wiki
(needs editing)
Applies to RouterOS: v2.9, v3, v4+
Contents
Summary
Sub-menu: /tool sniffer
Packages required: system
Packet sniffer is a tool that can capture and analyze packets that are going to, leaving or going through the router (except the traffic that passes only through the switch chip).
Packet Sniffer Configuration
Sub-menu: /tool sniffer
| Property | Description |
|---|---|
| interface (integer 10..1000000000; Default: 10) | The limit of the file in KB. Sniffer will stop after this limit is reached |
| file-name (string; Default: "") | The name of the file where the sniffed packets will be saved to |
| filter-address1 (IP address/netmask:port; Default: 0.0.0.0/0:0-65535) | The first address to filter |
| filter-address2 (IP address/netmask:port; Default: 0.0.0.0/0:0-65535) | The second address to filter |
| filter-protocol (all-frames | ip-only | mac-only-no-ip; Default: ip-only) | Filter specific protocol
|
| filter-stream (yes | no; Default: no) | Sniffed packets that are devised for sniffer server are ignored |
| interface (all | ether1 | ...; Default: all) | Interface management |
| memory-limit (integer 10..4294967295; Default: 10) | Memory amount reached in KB to stop sniffing |
| memory-scroll (yes | no; Default: no) | |
| only-headers (yes | no; Default: no) | Save in the memory only packet's headers not the whole packet |
| running (read-only) | If the sniffer is started then the value is yes otherwise no |
| streaming-enabled (yes | no; Default: no) | Defines whether to send sniffed packets to sniffer's server or not |
| streaming-server (ip address; Default: ) | Tazmen Sniffer Protocol (TZSP) stream receiver |
Running Packet Sniffer
Sniffed Packets
Packet Sniffer Protocols
Packet Sniffer Host
Packet Sniffer Connections
[ Top | Back to Content ]
