# ⁣⁣rpcapd command (Remote Packet Capture) ### Description RPCAP (Remote Packet Capture) protocol provides the ability to remotely capture packets passed over the network, allows the remote control and analysis of the transit data flows. RPCAP protocol consists of a server side daemon and a client side application. The client application (packet analyzer) connects to the server daemon, gives instructions which packets should be captured and manages the whole process. The server daemon sniffs the network traffic, captures the requested packets and passes them to the client side of the process to analyze the captured packets. The Evolution devices support RPCAP protocol and have a built-in RPCAP server daemon. It can be enabled and configured using the "*rpcapd*" command. **Syntax:** ``` rpcapd -user=USERNAME -key[=PASSWORD] [add|del|change] rpcapd [-port[=PORT]] [-maxconn[=MAXCONNECTIONS]] [start|stop] rpcapd [-buffersize=[SND_BUFFER_SIZE]] rpcapd {trace|notrace} rpcapd show [-s=SOURCENAME] rpcapd source rpcapd clear ``` ### Parameters
ParameterDescription

-user=USERNAME -key[=PASSWORD] [add|del|change]


Allows to manipulate with user accounts which are used to connect to the RPCAP server

  • "-user" username.
  • "-key" password.
  • "add/del/change" adds/deletes/changes a username and password. If no action is specified the command adds a new account or changes the existing user with the same "USERNAME".

NOTE

If no user account is configured in the system the RPCAP server daemon will reject all connections. For allowing any user account to connect to the server, use empty "user" and "key" parameters.

[-port[=PORT]] [-maxconn[=MAXCONNECTIONS]] [start|stop]

Starts/Stops the RPCAP server daemon.

  • "port" set the port.
  • "maxconn" – maximum concurrent connections permitted.

If no "port" or "maxconn" values are specified, the command sets the default RPCAP port value (2002) and unlimited number of allowed concurrent client connections.

[-buffersize=[SND_BUFFER_SIZE]]Sets the internal buffer size of the daemon for sending the captured packets to the client application. The default buffer size is 32Kb.
{trace|notrace}Enables/Disables writing daemon debug output to the unit’s system log.
show [-s=SOURCENAME]

Displays all currently active connections.

  • "-s" displays the PCAP filter information of the connection with the specified device’s interface name (SOURCENAME).
sourceDisplays the list of sources for this device that are available for monitoring via the RPCAP protocol.
clearClears the configuration and stops the daemon.
### Examples Allow any user account to connect to the server using the RPCAP protocol. ``` rpcapd -user= -key= ``` Use the "*source"* parameter to display the list of all sources available for this device ``` rpcapd source Type Name Description ---- --------------- -----------... I eth0 eth0 [link up-fd 100Mbps]=8103 I rf5.0 rf5.0 [link up-hd 225Mbps]=8103 I svi1 [virtual]=8003 I tun0 [virtual]=8010 A mint_rf5.0 rf5.0 MINT payload ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://wiki.astrawireless.net/astra-wireless-documentation/technical-documentation/astraflex-technical-user-manual/layer-3-command-set-ip-networking/rpcapd-command-remote-packet-capture.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.