How to see the whole MQ message transmitted with iptrace?
This is a discussion on How to see the whole MQ message transmitted with iptrace? within the AIX Operating System forums, part of the Unix Operating Systems category; --> Hello, I use iptrace(iptrace -i lo0 -a -b /tmp/iptrace.out) on AIX to trace the MQ message traffic, and the ...
| |||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-05-2008, 02:41 AM
| ||||
| ||||
 How to see the whole MQ message transmitted with iptrace? Hello, I use iptrace(iptrace -i lo0 -a -b /tmp/iptrace.out) on AIX to trace the MQ message traffic, and the result is as following: IP: < SRC = 127.0.0.1 > (loopback) IP: < DST = 127.0.0.1 > (loopback) IP: ip_v=4, ip_hl=20, ip_tos=0, ip_len=532, ip_id=38528, ip_off=0 IP: ip_ttl=60, ip_sum=0, ip_p = 6 (TCP) TCP: <source port=1414(MQSeries), destination port=60027 > TCP: th_seq=ab39cc24, th_ack=ed1914e9 TCP: th_off=5, flags<PUSH | ACK> TCP: th_win=65535, th_sum=0, th_urp=0 TCP: 00000000 54534820 000001ec 01953000 00000000 |TSH ......0.....| TCP: 00000010 00000000 00000111 03b60000 000001ec |................| TCP: 00000020 00000002 000007f1 200d15c8 4d442020 |........ ...MD | TCP: 00000030 00000002 00000003 00000008 ffffffff |................| TCP: 00000040 00000000 00000111 000003b6 4d514852 |............MQHR| TCP: 00000050 46322020 00000004 00000001 00000000 |F2 ............| TCP: 00000060 00000000 00000000 00000000 00000000 |................| TCP: ******** TCP: 00000090 4541492e 5253312e 31202020 20202020 |EAI.RS1.1 | TCP: 000000a0 20202020 20202020 20202020 20202020 | | TCP: ******** TCP: 000000c0 4d514541 49542020 20202020 20202020 |MQEAIT | TCP: 000000d0 20202020 20202020 20202020 20202020 | | TCP: ******** TCP: 000000f0 6d716d20 20202020 20202020 00000000 |mqm ....| TCP: 00000100 00000000 00000000 00000000 00000000 |................| TCP: 00000110 00000000 00000000 00000000 20202020 |............ | TCP: 00000120 20202020 20202020 20202020 20202020 | | TCP: 00000130 20202020 20202020 20202020 0000001c | ....| TCP: 00000140 20202020 20202020 20202020 20202020 | | TCP: ******** TCP: 00000170 00000000 00000000 00000000 00000000 |................| TCP: 00000180 00000000 00000000 00000001 00000000 |................| TCP: 00000190 00000000 ffffffff 474d4f20 00000002 |........GMO ....| TCP: 000001a0 00003001 00001388 00000000 00000000 |..0.............| TCP: 000001b0 00000000 00000000 00000000 00000000 |................| TCP: ******** TCP: 000001e0 00000003 20202000 00001000 |.... ..... | It seems that iptrace only show partial message, how to sniff the whole message? Thanks a lot.      |
|
01-05-2008, 02:42 AM
| |||
| |||
| Re: How to see the whole MQ message transmitted with iptrace? dnlchou@yahoo.com (Daniel Chou) wrote in message news:<bc503f80.0407010433.4fccd0f0@posting.google. com>... > It seems that iptrace only show partial message, how to sniff the > whole message? > Thanks a lot. Have you tried to reassemble the message using ethereal? Raff raff-at-aster-dot-pl |
|
01-05-2008, 02:42 AM
| ||||
| ||||
| Re: How to see the whole MQ message transmitted with iptrace? that looks like one frame? you need to piece the packets together based on the ip_id ... grep out the ip_id and look for offsets into the packet and peice it together to get a better picture. Rgds Mark Taylor |
Linear Mode
