DHCP command line diagnostics – an alternative to Wireshark

I prefer small command line utilities over heavy GUI tools and use them whenever possible. The command line offers better post-processing (you can pipe output to other tools) and automation (you can easily script it). A small network example follows.

Sometimes you want to analyze the details of DHCP requests without the overhead of Wireshark (for example, when you work over SSH without a GUI). A small command line tool makes this very easy. Recently I needed to check the "Vendor class identifier" field sent from a device with a given MAC address (1C:C6:3C:74:B9:47 in our case). It's very easy:

$ sudo dhcpdump -i eth0 -h 1C:C6:3C:74:B9:47 | grep 'Vendor class identifier'
OPTION:  60 ( 25) Vendor class identifier   ABC8776
OPTION:  60 ( 25) Vendor class identifier   ABC8776

"eth0" was my local network interface used for sniffing network packets.

As you can see, it was very easy (and much faster than typical Wireshark use).
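To illustrate the post-processing point, here is an added example (not from the original post) that summarises dhcpdump output into a count per client MAC and vendor class, which is useful for spotting unexpected device types on a segment. The sample capture is constructed, and the `CHADDR:` and dashed separator lines are assumptions about dhcpdump's text output; only the `OPTION:  60` line format is taken from the output above.

```shell
#!/bin/sh
# Added example: inventory of DHCP vendor classes (option 60) per client MAC.
# Live use: sudo dhcpdump -i eth0 | vendor_classes   (stop with Ctrl-C)

vendor_classes() {
    awk '
        # Assumed packet separator: forget the MAC of the previous packet.
        /^-+$/ { mac = "unknown" }
        # Assumed header line; CHADDR is padded to 16 octets, keep the first 6.
        $1 == "CHADDR:" { mac = tolower(substr($2, 1, 17)) }
        # Option 60 line, in the format shown in the post.
        $1 == "OPTION:" && $2 == "60" {
            vci = $0
            sub(/^.*Vendor class identifier[ \t]+/, "", vci)
            sub(/[ \t]+$/, "", vci)
            count[mac " " vci]++
        }
        END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k2
}

# Constructed sample input (not a real capture), three packets from two clients.
sample_dump() {
    cat <<'EOF'
---------------------------------------------------------------------------
CHADDR: 1c:c6:3c:74:b9:47:00:00:00:00:00:00:00:00:00:00
OPTION:  53 (  1) DHCP message type         1 (DHCPDISCOVER)
OPTION:  60 (  7) Vendor class identifier   ABC8776
---------------------------------------------------------------------------
CHADDR: 00:11:22:33:44:55:00:00:00:00:00:00:00:00:00:00
OPTION:  53 (  1) DHCP message type         1 (DHCPDISCOVER)
OPTION:  60 ( 15) Vendor class identifier   EXAMPLE-CAM 1.0
---------------------------------------------------------------------------
CHADDR: 1c:c6:3c:74:b9:47:00:00:00:00:00:00:00:00:00:00
OPTION:  53 (  1) DHCP message type         3 (DHCPREQUEST)
OPTION:  60 (  7) Vendor class identifier   ABC8776
EOF
}

# Each output line: <packet count> <client MAC> <vendor class identifier>
sample_dump | vendor_classes
```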
