Open an SSH connection to the Astaro Gateway using PuTTY
Log in via SSH as "loginuser" using PuTTY.
Elevate your privileges using the command "su -"
Before dumping the packet capture to a file, check the command syntax.
Now redirect the tcpdump output to a file using:
tcpdump -i eth0 src 192.168.1.2 -w /var/log/packetdump.sniff
Note: with the option -s 1500 you will capture the full packet data
Press Ctrl-C to stop the packet capture
Use WinSCP (free) to get the file capture from the Astaro to your PC
Browse to the /var/log directory and copy the file to c:\temp
Now you can open the file with Wireshark (formerly Ethereal) in order to decode the packets.
To delete the capture from the Astaro hard disk, issue the "rm -f -r /var/log/packetdump.sniff" command from the SSH session. WinSCP is logged in without administrative privileges and can't delete files.
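
Added example, not part of the original procedure: a Python check to run on the PC after copying the capture. It reads the pcap header and counts packets stored shorter than they were on the wire, which shows whether the snap length given with -s was large enough. The function names and sample frames are constructed for illustration and assume the classic pcap format, not pcapng.

```python
import struct

MAGICS = (0xA1B2C3D4, 0xA1B23C4D)  # classic pcap, micro-/nanosecond timestamps

def check_capture(data):
    """Return snaplen, link type and packet counts for a classic pcap file."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    for endian in ("<", ">"):  # the writer's byte order makes the magic readable
        if struct.unpack(endian + "I", data[:4])[0] in MAGICS:
            break
    else:
        raise ValueError("not a classic pcap file")
    snaplen, linktype = struct.unpack(endian + "II", data[16:24])
    packets = truncated = 0
    off, complete = 24, True
    while off < len(data):
        if off + 16 > len(data):
            complete = False  # file ends inside a record header
            break
        caplen, origlen = struct.unpack(endian + "II", data[off + 8:off + 16])
        if off + 16 + caplen > len(data):
            complete = False  # file ends mid-record, e.g. a cut-off copy
            break
        off += 16 + caplen
        packets += 1
        truncated += caplen < origlen  # stored bytes fewer than bytes on the wire
    return {"snaplen": snaplen, "linktype": linktype, "packets": packets,
            "truncated": truncated, "complete": complete}

def sample_capture(snaplen, frame_sizes=(60, 1514)):
    """Constructed pcap bytes: zero-filled Ethernet frames clipped to snaplen."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for ts, size in enumerate(frame_sizes):
        caplen = min(size, snaplen)
        out += struct.pack("<IIII", ts, 0, caplen, size) + bytes(caplen)
    return out

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:  # e.g. c:\temp\packetdump.sniff
        with open(sys.argv[1], "rb") as fh:
            print(check_capture(fh.read()))
    else:  # no file given: run on the constructed samples
        for snap in (68, 1500, 65535):
            print(snap, check_capture(sample_capture(snap)))
```

A full-size Ethernet frame is 1514 bytes including its 14-byte header, which is why the constructed sample still reports one truncated packet at a snap length of 1500.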