How to set up tcpdump on LAN port 2 please?

Hello guys,

I would like to see what is happening to a client on LAN port 2 with tcpdump. How do I do this, please? I have a WRT1900ACS V2 router.

I tried port mirroring with Wireshark, but for some reason I can see my other LAN ports. So I thought of giving tcpdump a try instead.

I'm using the latest OpenWRT release.

If you could please show all the commands to type in the terminal.

Thank you

I forgot to mention the client is a ZTE Chinese router. I would like to know the IP it's trying to communicate to.

I also got another Chinese router on the way, and would also like to test that to see if it reports to China.

Wireshark can filter by MAC address, which might help (unless the router is spoofing its MAC address, which you should be able to detect by looking at ARP requests):

eth.src == XX:XX:XX:XX:XX:XX or eth.dst == XX:XX:XX:XX:XX:XX

Works

Thank you

tcpdump -i any -evn ether host XX:XX:XX:XX:XX:XX
You can swap any with the interface (e.g. eth0.1, lan1, br-lan)

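To turn a capture like the one above into the list of IPs the client talks to, the following is an added example and not part of the original thread. It assumes tcpdump is run without -v on a named Ethernet-type interface such as br-lan (not "any"), so each packet is one line with the source MAC as the second field; the function names are hypothetical and the sample lines are constructed.

```shell
#!/bin/sh
# Usage on the router (interface and MAC are placeholders to replace):
#   tcpdump -i br-lan -e -n -l ether src XX:XX:XX:XX:XX:XX | summarize_dsts XX:XX:XX:XX:XX:XX
# Prints "packets destination-ip ports", busiest destination first.
summarize_dsts() {
    mac=$(printf '%s' "$1" | tr 'A-F' 'a-f')   # tcpdump prints MACs in lower case
    awk -v mac="$mac" '
        # Keep only IPv4 frames whose Ethernet source is the client MAC
        $2 == mac && $3 == ">" && /ethertype IPv4/ {
            for (i = 4; i < NF; i++) {
                if ($i != ">") continue        # second ">" separates src IP from dst IP
                dst = $(i + 1)
                sub(/:$/, "", dst)             # drop the trailing colon
                n = split(dst, p, ".")
                if (n < 4) break
                ip = p[1] "." p[2] "." p[3] "." p[4]
                port = (n >= 5) ? p[5] : "-"   # no port for ICMP and similar
                count[ip]++
                if (!((ip, port) in seen)) {
                    seen[ip, port] = 1
                    ports[ip] = (ports[ip] == "" ? "" : ports[ip] ",") port
                }
                break
            }
        }
        END { for (ip in count) print count[ip], ip, ports[ip] }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample lines in `tcpdump -e -n` format (documentation addresses)
sample_capture() {
    cat <<'EOF'
12:00:00.000001 aa:bb:cc:dd:ee:01 > 11:22:33:44:55:66, ethertype IPv4 (0x0800), length 74: 192.168.1.50.43210 > 203.0.113.10.443: Flags [S], seq 1, win 64240, length 0
12:00:00.100001 aa:bb:cc:dd:ee:01 > 11:22:33:44:55:66, ethertype IPv4 (0x0800), length 66: 192.168.1.50.43210 > 203.0.113.10.443: Flags [.], ack 1, win 502, length 0
12:00:01.000001 aa:bb:cc:dd:ee:01 > 11:22:33:44:55:66, ethertype IPv4 (0x0800), length 71: 192.168.1.50.5353 > 192.168.1.1.53: 1234+ A? example.com. (29)
12:00:02.000001 aa:bb:cc:dd:ee:01 > 11:22:33:44:55:66, ethertype IPv4 (0x0800), length 98: 192.168.1.50 > 198.51.100.7: ICMP echo request, id 1, seq 1, length 64
12:00:03.000001 aa:bb:cc:dd:ee:99 > 11:22:33:44:55:66, ethertype IPv4 (0x0800), length 74: 192.168.1.60.40000 > 203.0.113.99.80: Flags [S], seq 1, win 64240, length 0
12:00:04.000001 aa:bb:cc:dd:ee:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.1.1 tell 192.168.1.50, length 28
12:00:05.000001 aa:bb:cc:dd:ee:01 > 11:22:33:44:55:66, ethertype IPv4 (0x0800), length 74: 192.168.1.50.43211 > 203.0.113.10.80: Flags [S], seq 1, win 64240, length 0
EOF
}
```

Running `sample_capture | summarize_dsts AA:BB:CC:DD:EE:01` shows the format without needing a live capture.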
