NETGEAR FSM726v3 packet capturing

To start capturing the packets being transmitted and saving them to the internal device memory one needs to type in capture all packets command in the configuration mode.

(FSM726V3) (Config)#capture ?
all Enable/Disable capturing All packets..
receive Enable/Disable capturing Receive packets..
transmit Enable/Disable capturing Transmit packets..
wrap Enable/Disable Log Wrapping Configuration..
(FSM726V3) (Config)#capture all ?
packets Enable/Disable capturing All packets..
(FSM726V3) (Config)#capture all packets ?
<cr> Press enter to execute the command.
(FSM726V3) (Config)#capture all packets

The access to the captured packets can be gained in the same session of the configuration mode by typing in show capture packets command. Below one can see the output of one of such packets captured.

(FSM726V3) #show capture packets
1/0/26 Length = 64 [RECEIVE]
===================
02:04:46.0000
0000 01 80 c2 00 00 00 fc fb fb 7e fd 92 81 00 00 01
0010 00 26 42 42 03 00 00 00 00 00 61 4f 64 a0 e7 73
0020 ae 00 00 00 00 04 81 4f fc fb fb 7e fd 80 80 12
0030 01 00 14 00 02 00 0f 00 00 00 00 00 00 00 00 00
0040 31 2e 31 0d 0a 48 6f 73 74 3a 32 33 39 2e 32 35
0050 35 2e 32 35 35 2e 32 35 30 3a 31 39 30 30 0d 0a
0060 53 54 3a 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75
0070 70 6e 70 2d 6f 72 67 3a 64 65 76 69 63 65 3a 53
===================

We decided to save all 'text' we received this way to a separate file. Now we will need to reorganize it so that text2pcap utility featured as part of Wireshark network analyser understands it. Naturally, we can analyse the data we received manually, but by using Wireshark or any similar software we can substantially facilitate the whole process. We have already described the data preparation procedure for text2pcap utility previously in detail in the article dedicated to ASUS SL1200 traffic capturing and therefore we will not be going into its specifics now. Also, we decided to present the prepared file to our readers. Let's reorganize the prepared file the way so that it is understood by Wireshark.

C:\Program Files\Wireshark>text2pcap.exe capture3.txt capture.pcap
Input from: capture3.txt
Output to: capture.pcap
Wrote packet of 128 bytes at 0
Wrote packet of 128 bytes at 128
Wrote packet of 128 bytes at 256
Wrote packet of 128 bytes at 384
Wrote packet of 128 bytes at 512
Read 5 potential packets, wrote 5 packets

The file we have just obtained can already be opened by a network analyser.

It is also worth noticing that such sniffering may only be carried out in a very careful way since we accidentally rebooted the switch several times just by launching endless ping with packets of 10.000 bytes.

The only thing there is left to mention are the limitations on such capturing. The packets captured by NETGEAR FSM726v3 switch have size of 128 bytes.

Add comment


Security code
Refresh

Found a typo? Please select it and press Ctrl + Enter.