Usage

<< Click to Display Table of Contents >>

Navigation:  Network Tools > ipmon >

Usage

Command Line Parameters

 

ipmon [/i INTERFACE] [/udp] [/tcp] [/icmp] [/dport PORT] [/sport PORT] [/list] [/group-port] [/resolve]

 

/i INTERFACE

The interface ipmon should be capturing packets on. If not interface is specified and only one interface with a valid IP address exists on the system, then that interface will automatically be used. If multiple active interfaces exist, a list of interfaces will be presented for a selection.

 

/u /udp

Capture UDP traffic (activated by default)

 

/t /tcp

Capture TCP traffic (activated by default)

 

/c /icmp

Capture ICMP traffic (not activated by default)

 

/d PORT

Only include UDP/TCP packets that are sent to local port PORT

 

/s PORT

Only include UDP/TCP packets that are sent from remote port PORT

 

/l

List all available interfaces (always promopt)

 

/g /group-port

By default, IPMon shows each remote IP address that sent a packet to the local machine only once, even when packets have been sent from different remote ports. Activating this option will result in more output since the same IP address will be shown multiple times if communication between different ports is taking place.

 

/r /resolve

Resolves the remote IP address to a host name. Please note that using this option when capturing large amounts of packets may incur a delay with real time monitoring.

 

 

Examples

 

Example 1: Display all UDP + TCP communication from the default interface.

 

ipmon

 

Example 2: Display all UDP, TCP and ICMP communication from the default interface and resolve all host name where possible

 

ipmon /udp /tcp /icmp /resolve

 

Example 3: Display all UDP, TCP and ICMP communication from the default interface and resolve all host name where possible

 

ipmon /udp /tcp /icmp /resolve

 

Example 4:  Display all TCP communication from interface \Device\NPF_{E84D78AB-18AC-4705-A7CA-221EC0CDAE12}

 

ipmon /i \Device\NPF_{E84D78AB-18AC-4705-A7CA-221EC0CDAE12} /TCP