|
<< Click to Display Table of Contents >> Navigation: Network Tools > ipmon > Usage |
Command Line Parameters
ipmon [/i INTERFACE] [/udp] [/tcp] [/icmp] [/dport PORT] [/sport PORT] [/list] [/group-port] [/resolve]
/i INTERFACE |
The interface ipmon should be capturing packets on. If not interface is specified and only one interface with a valid IP address exists on the system, then that interface will automatically be used. If multiple active interfaces exist, a list of interfaces will be presented for a selection.
|
/u /udp |
Capture UDP traffic (activated by default)
|
/t /tcp |
Capture TCP traffic (activated by default)
|
/c /icmp |
Capture ICMP traffic (not activated by default)
|
/d PORT |
Only include UDP/TCP packets that are sent to local port PORT
|
/s PORT |
Only include UDP/TCP packets that are sent from remote port PORT
|
/l |
List all available interfaces (always promopt)
|
/g /group-port |
By default, IPMon shows each remote IP address that sent a packet to the local machine only once, even when packets have been sent from different remote ports. Activating this option will result in more output since the same IP address will be shown multiple times if communication between different ports is taking place.
|
/r /resolve |
Resolves the remote IP address to a host name. Please note that using this option when capturing large amounts of packets may incur a delay with real time monitoring.
|
Examples
Example 1: Display all UDP + TCP communication from the default interface.
ipmon
Example 2: Display all UDP, TCP and ICMP communication from the default interface and resolve all host name where possible
ipmon /udp /tcp /icmp /resolve
Example 3: Display all UDP, TCP and ICMP communication from the default interface and resolve all host name where possible
ipmon /udp /tcp /icmp /resolve
Example 4: Display all TCP communication from interface \Device\NPF_{E84D78AB-18AC-4705-A7CA-221EC0CDAE12}
ipmon /i \Device\NPF_{E84D78AB-18AC-4705-A7CA-221EC0CDAE12} /TCP