This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Remote capture using linux

_scar_leal
New Contributor II

‎01-16-2020 05:59 AM

Hi all.... Does anyone already implemented a remote capture for linux using the sniffer mode available on Ruckus AP's? Using wireshark on windows I have the "Remote Interfaces" feature... However, I need to perform a capture using linux command line (ex. tcpdump, tshark, or similar). I already tried the rpcap for linux but this is not working.
I'm using the standalone AP R730 without controller.






8 REPLIES 8

_scar_leal
New Contributor II
In response to _scar_leal

‎01-16-2020 02:24 PM

Hi Syamantak,

I know how to enable the captures 🙂

I just need to undestand how to receive the captures on linux. Do you have a solution for me?
0 Kudos

sanjay_kumar
RUCKUS Team Member
In response to _scar_leal

‎01-16-2020 07:14 PM

Hi Oscar,

This probably might help you:

1. From the linux machine, SSH into the AP.
2. Run a tcpdump from the CLI for the interface you want.
3. Save the logs in a pcap format.
4. Export the file to the local system via a FTP server.

Note: TCPDUMP command has to be run from the AP shell mode, you need to contact our support team to get this done.
0 Kudos

_scar_leal
New Contributor II
In response to _scar_leal

‎01-17-2020 03:48 AM

Hi,

Thanks for your support.
I already sent an email to our support. Let's see if they are able to enable the shell access.

Last question... Do you know if the shell access is persistent across reboots?

Thanks.
0 Kudos

syamantakomer
Community Admin
Community Admin
In response to _scar_leal

‎01-17-2020 04:56 AM

Hi Oscar,

As I have explained before, shell access is only limited to Ruckus Support and Ruckus engineering.

As per my understanding, you want to know how you can see the APs remote capture stream on your linux system (same way we see on Windows system using Wireshark's remote interface option). Correct me if I am wrong.

I have checked internally and externally and can confirm that Wireshark only supports remote interface option in Windows. Wireshark on Linux and MAC OS do not supports remote capture feature.

If it is just one time requirement then support should be able to join a web session with you and allow you the limited time access to shell mode, to run tcpdump and then export the file using TFTP or FTP but permanent access to AP shell is not allowed.

While reading some thirdparty pages, I have found below link which talks about "kismet", which seems a tool for linux. You may try this.

https://www.kismetwireless.net/docs/readme/datasources_remote_capture/

I hope this will help.

Regards,
Syamantak Omer

Syamantak Omer
Sr.Staff TSE | CWNA | CCNA | RCWA | RASZA | RICXI
RUCKUS Networks, CommScope!
Follow me on LinkedIn
0 Kudos
Copyright © 2024 Khoros, LLC