Today I needed to check what devices are being pinged, so I ran snoop icmp on the Solaris box in question and downloaded the snoop file to my PC for analysis with Ethereal.
The following command extracts only the ping replies.
tethereal.exe -r "23oct2005.snoop" -t d -R "icmp.type == 0"
I needed to limit it to ICMP type zero as there were also ICMP type 3 "Destination Unreachable" ICMP packets mixed in from failed SNMP queries.
Posted by stuartcw at January 23, 2006 04:37 PM
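
The same selection in Python, as an added example that is not part of the original post: it reads the snoop file format (RFC 1761) directly and keeps only ICMP packets of one type, so echo replies (type 0) can be separated from Destination Unreachable (type 3). It assumes an untagged Ethernet/IPv4 capture; the function names and the sample records are constructed for illustration.

```python
import socket
import struct

SNOOP_MAGIC = b"snoop\x00\x00\x00"  # RFC 1761 file identification

def icmp_packets(capture, icmp_type=0):
    """Return (seconds, src, dst) for each IPv4 ICMP packet of icmp_type."""
    if capture[:8] != SNOOP_MAGIC:
        raise ValueError("not a snoop capture")
    version, datalink = struct.unpack(">II", capture[8:16])
    if version != 2 or datalink != 4:  # datalink 4 = Ethernet
        raise ValueError("only snoop v2 Ethernet captures are handled")
    hits, off = [], 16
    while off + 24 <= len(capture):
        _orig, incl, rec_len, _drops, sec, _usec = struct.unpack(
            ">6I", capture[off:off + 24])
        if rec_len < 24 + incl:
            break  # corrupt record header; stop rather than misparse
        frame = capture[off + 24:off + 24 + incl]
        off += rec_len  # record length includes the pad bytes
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # not untagged Ethernet II carrying IPv4
        ihl = (frame[14] & 0x0F) * 4
        frag_offset = struct.unpack(">H", frame[20:22])[0] & 0x1FFF
        if frame[14] >> 4 != 4 or ihl < 20 or frame[23] != 1 or frag_offset:
            continue  # not IPv4 ICMP, or a later fragment with no ICMP header
        if len(frame) > 14 + ihl and frame[14 + ihl] == icmp_type:
            hits.append((sec, socket.inet_ntoa(frame[26:30]),
                         socket.inet_ntoa(frame[30:34])))
    return hits

def _record(sec, src, dst, icmp_type):
    """Build one constructed snoop record (checksums left as zero)."""
    icmp = bytes([icmp_type, 0]) + bytes(6)
    ip = (struct.pack(">BBHHHBBH", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0)
          + socket.inet_aton(src) + socket.inet_aton(dst))
    frame = bytes(12) + b"\x08\x00" + ip + icmp
    pad = -(24 + len(frame)) % 4  # records are padded to a 4-byte boundary
    header = struct.pack(">6I", len(frame), len(frame),
                         24 + len(frame) + pad, 0, sec, 0)
    return header + frame + bytes(pad)

# Constructed sample: echo request, echo reply, destination unreachable.
SAMPLE = (SNOOP_MAGIC + struct.pack(">II", 2, 4)
          + _record(100, "192.0.2.1", "192.0.2.10", 8)
          + _record(101, "192.0.2.10", "192.0.2.1", 0)
          + _record(102, "192.0.2.20", "192.0.2.1", 3))
```

Calling `icmp_packets(SAMPLE)` returns only the echo reply; passing `icmp_type=3` returns the Destination Unreachable record instead.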