Go to main content

Administering TCP/IP Networks, IPMP, and IP Tunnels in Oracle® Solaris 11.3

Exit Print View

Updated: March 2019

How to Check Packets From All Interfaces

  1. Print information about the interfaces that are attached to the system.
    # ipadm show-if

    The snoop command normally uses the first non-loopback device, which is typically the primary network interface.

  2. Begin packet capture by typing snoop without arguments.
    # snoop
  3. Press Control-C to halt the process.
Example 8  Displaying Basic snoop Output

The following example shows the basic snoop command output for a dual-stack host.

# snoop
Using device /dev/net (promiscuous mode)
router5.local.com -> router5.local.com ARP R, router5.local.com is
router5.local.com -> BROADCAST     TFTP Read "network-confg" (octet)
myhost -> DNSserver.local.com      DNS C Internet PTR ?
DNSserver.local.com  foohost       DNS R Internet PTR
fe80::a00:20ff:febb:e09 -> ff02::9 RIPng R (5 destinations)

In the previous output, the packets that are captured show a DNS query and response, as well as periodic Address Resolution Protocol (ARP) packets from the local router and advertisements of the IPv6 link-local address to the in.ripngd daemon.