1UDPDUMP(1)                                                          UDPDUMP(1)
2
3
4

NAME

6       udpdump - Provide a UDP receiver that gets packets from network devices
7       (like Aruba routers) and exports them in PCAP format.
8

SYNOPSIS

10       udpdump [ --help ] [ --version ] [ --extcap-interfaces ]
11       [ --extcap-dlts ] [ --extcap-interface=<interface> ]
12       [ --extcap-config ] [ --capture ] [ --fifo=<path to file or pipe> ]
13       [ --port=<port> ] [ --payload=<type> ]
14

DESCRIPTION

16       udpdump is a extcap tool that provides a UDP receiver that listens for
17       exported datagrams coming from any source (like Aruba routers) and
18       exports them in PCAP format. This provides the user two basic
19       functionalities: the first one is to have a listener that prevents the
20       localhost to send back an ICMP port-unreachable packet. The second one
21       is to strip out the lower layers (layer 2, IP, UDP) that are useless
22       (are used just as export vector). The format of the exported datagrams
23       are EXPORTED_PDU, as specified in
24       https://gitlab.com/wireshark/wireshark/-/raw/master/epan/exported_pdu.h
25

OPTIONS

27       --help
28
29           Print program arguments.
30
31       --version
32
33           Print program version.
34
35       --extcap-interfaces
36
37           List available interfaces.
38
39       --extcap-interface=<interface>
40
41           Use specified interfaces.
42
43       --extcap-dlts
44
45           List DLTs of specified interface.
46
47       --extcap-config
48
49           List configuration options of specified interface.
50
51       --capture
52
53           Start capturing from specified interface save saved it in place
54           specified by --fifo.
55
56       --fifo=<path to file or pipe>
57
58           Save captured packet to file or send it through pipe.
59
60       --port=<port>
61
62           Set the listener port. Port 5555 is the default.
63
64       --payload=<type>
65
66           Set the payload of the exported PDU. Default: data.
67

EXAMPLES

69       To see program arguments:
70
71           udpdump --help
72
73       To see program version:
74
75           udpdump --version
76
77       To see interfaces:
78
79           udpdump --extcap-interfaces
80
81       Example output
82
83           interface {value=udpdump}{display=UDP Listener remote capture}
84
85       To see interface DLTs:
86
87           udpdump --extcap-interface=udpdump --extcap-dlts
88
89       Example output
90
91           dlt {number=252}{name=udpdump}{display=Exported PDUs}
92
93       To see interface configuration options:
94
95           udpdump --extcap-interface=udpdump --extcap-config
96
97       Example output
98
99           arg {number=0}{call=--port}{display=Listen port}{type=unsigned}{range=1,65535}{default=5555}{tooltip=The port the receiver listens on}
100
101       To capture:
102
103           udpdump --extcap-interface=randpkt --fifo=/tmp/randpkt.pcapng --capture
104
105           Note
106           To stop capturing CTRL+C/kill/terminate the application.
107

SEE ALSO

109       wireshark(1), tshark(1), dumpcap(1), extcap(4)
110

NOTES

112       udpdump is part of the Wireshark distribution. The latest version of
113       Wireshark can be found at https://www.wireshark.org.
114
115       HTML versions of the Wireshark project man pages are available at
116       https://www.wireshark.org/docs/man-pages.
117

AUTHORS

119       Original Author
120       Dario Lombardo <lomato[AT]gmail.com>
121
122
123
124                                  2023-08-31                        UDPDUMP(1)
Impressum