Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Remote packet capturing is not working in Alibaba Cloud CentOS ECS

I have 2 CentOS instances created in Alibaba Cloud.

one of the them has entered the following command:

yum install glibc-static gcc flex
wget --no-check-certificate
cd winpcap/wpcap/libpcap/
chmod +x configure
CFLAGS=-static ./configure
cd rpcapd/
sudo ./rpcapd -4 -n -p 6666

The other one entered the following command to perform remote capturing from the first one:

./tshark -i rpcap://[Private IP of first ECS]:6666/eth0 -T ek -b interval:10 -w /wireshark/captured_pcap/xxxx_eth0.json

However, I have the following error after typing it:

Capturing on 'rpcap://[Private IP of first ECS]:6666/eth0'
tshark: The capture session could not be initiated on interface 'rpcap://[Private IP of first ECS]:6666/eth0' (No such device exists).
Please check that you have the proper interface or pipe specified.
0 packets captured

I have added a permit port 6666 ACL from the second ECS to first ECS, does anyone encountered the above issue before?

Alibaba Cloud Support said it is out of their service area so they will not have any support on that.

Thank you.