Ask Your Question

Revision history [back]

Remote packet capturing is not working in Alibaba Cloud CentOS ECS

I have 2 CentOS instances created in Alibaba Cloud.

one of the them has entered the following command:

yum install glibc-static gcc flex
wget http://www.winpcap.org/install/bin/WpcapSrc_4_1_2.zip --no-check-certificate
unzip WpcapSrc_4_1_2.zip
cd winpcap/wpcap/libpcap/
chmod +x configure runlex.sh
CFLAGS=-static ./configure
make
cd rpcapd/
make
sudo ./rpcapd -4 -n -p 6666

The other one entered the following command to perform remote capturing from the first one:

./tshark -i rpcap://[Private IP of first ECS]:6666/eth0 -T ek -b interval:10 -w /wireshark/captured_pcap/xxxx_eth0.json

However, I have the following error after typing it:

Capturing on 'rpcap://[Private IP of first ECS]:6666/eth0'
tshark: The capture session could not be initiated on interface 'rpcap://[Private IP of first ECS]:6666/eth0' (No such device exists).
Please check that you have the proper interface or pipe specified.
0 packets captured

I have added a permit port 6666 ACL from the second ECS to first ECS, does anyone encountered the above issue before?

Alibaba Cloud Support said it is out of their service area so they will not have any support on that.

Thank you.