Bug ID 683282: tcpdump option added to capture on 'all interfaces' from host side using the option '0.0:h'

Last Modified: May 01, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5

Fixed In:
14.0.0

Opened: Sep 13, 2017
Severity: 3-Major

Symptoms

tcpdump can be used to capture packets to and from the host side, which means an administrator can see the packets that are sent from tmm to the Linux kernel (and vice-versa). However, this only could be done on a specific VLAN. Now, the '0.0:h' interface option to capture all host side traffic on all interfaces and VLANs works.

Impact

The tcpdump interface option '0.0:h', to capture all host side traffic on all interfaces and VLANs, the operation captures no packets and will exit with the following message: tcpdump: Host modifier not supported on this interface.

Conditions

No specific conditions needed, interface option '0.0:h' never worked.

Workaround

There is no workaround at this time.

Fix Information

tcpdump now accepts the interface option '0.0:h' and will capture all host side traffic on all VLANs.

Behavior Change