From MikroTik Wiki
Jump to: navigation, search

MikroTik RouterOS configuration

Configure sniffer to stream to device running wireshark,

/tool sniffer set streaming-enabled=yes 
/tool sniffer start

Ethereal/Wireshark configuration

Wireshark is commonly used network protocol analyzer for Unix and Windows, it's available for free download from project homepage,

To accept sniffer TZSP stream, you have to set the configuration,

  • To accept only TZSP traffic, Capture Filter like this can be used
udp port 37008
  • Make sure you accept UDP in Wireshark (as TZSP uses UDP to transport data);
  • You may need to disable WCCP protocol in wireshark (Analyze/Enabled Protocols), as that collides with TZSP and by default frames may be considered WCCP, not TZSP;
  • For streaming wireless sniffer captures (interface wireless sniffer), make sure you have newest wireshark and newest routeros.