How to Configure the Wireless Packet Obtaining Function
Configuration Tasks
The following table lists the configuration methods for the wireless packet obtaining function and supported file saving modes in different networking modes.
Networking Mode |
Configuration Delivery Device |
Configuration Method |
File Saving Mode |
|---|---|---|---|
AC+Fit AP |
AC |
CLI or web system |
Local cache or real-time upload |
Fat AP (including leader AP+Fit AP) |
Fat AP (or leader AP in leader AP+Fit AP networking) |
CLI |
Local cache or real-time upload |
Cloud AP |
SDN controller |
Web page of the SDN controller |
Local cache |
The difference between the CLI and web system configuration methods is that the latter visualizes the processes of the former. Their configuration processes are essentially the same.
Different from the CLI configuration, the cloud AP configuration features a unique configuration process. First, the configuration entry is the web page of the SDN controller. Second, cloud APs support only the local cache mode for saving the obtained packet files. Third, the configuration parameters of cloud APs are different from those in the CLI configuration. For example, before enabling wireless packet obtaining on a cloud AP, you need to set the obtained packet file name and packet obtaining duration.
Fit and Fat APs support the following service parameters:
- Wireless packet obtaining function that can be enabled or disabled
- Saving mode for obtained packet files, which can be local cache or real-time upload
- Maximum length of obtained data packets
- Obtained packets of a specified protocol
- Obtained packets with the specified MAC address
- Maximum size of obtained packet files locally saved on the AP
- Method for obtaining packets saved on the AP, which can be SFTP or FTP
- IPv4 or IPv6 address of the server for uploading obtained packets in real time
Service parameters that can be configured for cloud APs are subject to the web page of the SDN controller.
Configuring the Local Cache Mode Using the CLI
Data Plan
This section introduces how to configure a Fit AP to obtain wireless packets on an AC. The following table provides the data plan.
Configuration Item |
Data |
|---|---|
AP radio working mode |
normal: Only packets on the current working channel are obtained. |
AP and radio enabled with the wireless packet obtaining function |
AP ID: 1 Radio ID: 0 |
SFTP server to which obtained packets are to be uploaded |
|
Settings for obtained packets |
|
Prerequisites
An FTP or SFTP server has been configured to communicate with the AP to receive obtained packet files.
Procedure
- Configure the AP radio working mode.
By default, a radio works in normal mode. In this example, packets are obtained on the current working channel. Therefore, this configuration can be skipped.
To obtain packets on a specific channel, ensure that the AP works in monitor mode (configured using the work-mode monitor command). When enabling the wireless packet obtaining function, run the remote capture { ap-name ap-name | ap-id ap-id } radio radio-id start channel channel-id command to specify the channel where packets are to be obtained. To obtain packets on all channels, ensure that the AP works in monitor mode and the proxy scanning is enabled (configured using work-mode monitor proxy-scan dual-band-scan enable command).
- Set the saving mode of wireless packet obtaining function to local cache and configure wireless packet obtaining rules.
# Set the saving mode of wireless packet obtaining to local cache and retain the default size 1024 KB for the local storage file.
<HUAWEI> system-view [HUAWEI] diagnose [HUAWEI-diagnose] remote capture save-mode local
# Set the global packet upload mode to SFTP, IP address of the SFTP server to 10.23.10.1, SFTP user name to huawei, password to huawei123, and the maximum length of obtained packets to 64 bytes.
[HUAWEI-diagnose] remote capture upload-mode sftp sftp-server 10.23.10.1 sftp-username huawei sftp-password huawei123 [HUAWEI-diagnose] remote capture max-len 64
# Configure a packet filter profile named filter and specify that only packets with the source MAC address 00e0-fc12-3450 of all protocol types are obtained.
[HUAWEI-diagnose] remote capture filter-profile name filter [HUAWEI-diagnose] filter-profile name filter protocol-filter all [HUAWEI-diagnose] filter-profile name filter address-filter id 1 source-mac-address 00e0-fc12-3450
- Enable the wireless packet obtaining function.# Enable the wireless packet obtaining function on radio 0 of AP1 and bind the packet filter profile named filter to radio 0.
[HUAWEI-diagnose] remote capture ap-id 1 radio 0 start filter-profile name filter
- Disable the wireless packet obtaining function.# Disable the wireless packet obtaining function on radio 0 of AP1 after obtaining wireless packets required for maintenance.
[HUAWEI-diagnose] remote capture ap-id 1 radio 0 stop
- Upload the obtained packet files.# Upload the packets obtained on radio 0 of AP1 in the mode configured in step 2.
[HUAWEI-diagnose] remote capture ap-id 1 radio 0 get-packet
- Check the obtained wireless packets on the SFTP server. The file type is .pcap.
Verifying the Configuration
# Run the display remote capture configuration command to check configuration parameters for the wireless packet obtaining function.
[HUAWEI-diagnose] display remote capture configuration remote capture config-information ------------------------------------------------------------------------------ save mode : local file size : 1024 IP version : - IP address : - port : - packet size : 64 Upload mode : sftp SFTP server IP version : ipv4 SFTP server IP address : 10.23.10.1 SFTP username : huawei SFTP password : ****** ----------------------------------------------------------- the information of filter rule profile name filter as follow : - - - - - - - - - - - - - - - - - - - - - - filter protocol information: all - - - - - - - - - - - - - - - - - - - - - - filter address ID 1 information : - - - - - - - - - - - - - - - - - - - - - - src MAC : 00e0-fc12-3450 dest MAC : none bSSID : none - - - - - - - - - - - - - - - - - - - - - - ------------------------------------------------------------------------------
# Run the display remote capture status command to check the status of the wireless packet obtaining function. If the value of Capture Status displays start, the wireless packet obtaining function has been enabled.
[HUAWEI-diagnose] display remote capture status ------------------------------------------------------------------------------------------------------ AP ID AP name AP MAC Radio ID Capture status Channel Filter profile ------------------------------------------------------------------------------------------------------ 1 Huawei 00e0-fc24-0080 0 start - filter ------------------------------------------------------------------------------------------------------
Configuring the Real-Time Upload Mode Using the CLI
Prerequisites
The AP can communicate with the server.
Procedure
- Configure the AP radio working mode.
By default, a radio works in normal mode. In this example, packets are obtained on the current working channel. Therefore, this configuration can be skipped.
To obtain packets on a specific channel, ensure that the AP works in monitor mode (configured using the work-mode monitor command). When enabling the wireless packet obtaining function, run the remote capture { ap-name ap-name | ap-id ap-id } radio radio-id start channel channel-id command to specify the channel where packets are to be obtained. To obtain packets on all channels, ensure that the AP works in monitor mode and the proxy scanning is enabled (configured using work-mode monitor proxy-scan dual-band-scan enable command).
- Set the saving mode of the wireless packet obtaining function to real-time upload and configure wireless packet obtaining rules.
# Set the saving mode of wireless packet obtaining to real-time upload and set the IP address of the upload server to 192.168.1.100.
<HUAWEI> system-view [HUAWEI] diagnose [HUAWEI-diagnose] remote capture save-mode real-time ip-address 192.168.1.100
# Configure a packet filter profile named filter and specify that only packets with the source MAC address 00e0-fc12-3450 of all protocol types are obtained.
[HUAWEI-diagnose] remote capture filter-profile name filter [HUAWEI-diagnose] filter-profile name filter protocol-filter all [HUAWEI-diagnose] filter-profile name filter address-filter id 1 source-mac-address 00e0-fc12-3450
- Enable the wireless packet obtaining function.# Enable the wireless packet obtaining function on radio 0 of AP1 and bind the packet filter profile named filter to radio 0.
[HUAWEI-diagnose] remote capture ap-id 1 radio 0 start filter-profile name filter
- Disable the wireless packet obtaining function.# Disable the wireless packet obtaining function on radio 0 of AP1 after obtaining wireless packets required for maintenance.
[HUAWEI-diagnose] remote capture ap-id 1 radio 0 stop
Configuring the Local Cache or Real-Time Upload Mode on the Web System
Prerequisites
If the local cache mode is used, ensure that an FTP or SFTP server that can communicate with the AP network is available for receiving obtained packet files.
If the real-time upload mode is used, ensure that the AP can communicate with the server.
Procedure
- Configure the wireless packet obtaining function
# Choose Diagnosis > Wireless Packet Header Obtaining and configure the global packet filter criteria, packet saving mode, and file upload mode. This example also assumes that the wireless packet obtaining function is configured for Fit APs on the AC and local cache is used to save packet files. Set Save mode to Save locally, set other parameters such as Maximum size of stored files and Upload mode, and click Apply.
# Click Create in Filter Rule Profile Management, configure packet filter rules, including Profile name, Filter protocol and Address filter rules, and click OK.
- Enable the wireless packet obtaining function.
# In the wireless packet obtaining task list, click Add, set AP name, Radio ID, and Filter rule profile, and click OK. The wireless packet obtaining task starts.
- Disable the wireless packet obtaining function and obtain files.
# Click
in the Operation column of the wireless packet obtaining task list to disable the wireless packet obtaining function. In local cache mode, click
to upload packets to the server. Then you can check the packets on the server.
in the Operation column of the wireless packet obtaining task list to disable the wireless packet obtaining function. In local cache mode, click 
to upload packets to the server. Then you can check the packets on the server.Configuring Wireless Packet Obtaining for Cloud APs on iMaster NCE-Campus
Procedure
- Enter the wireless packet obtaining page.
# Log in to iMaster NCE-Campus and choose Maintenance > Diagnosis Tools > Packet Head Getting.
- Configure parameters related to wireless packet obtaining and enable the function.
# Set Device type to AP, Interface type to Wireless, set the device and radio requiring wireless packet obtaining, and configure the packet obtaining rules as required, including Wireless protocol (all by default), File Name, Duration (60s by default) and Filter Expression. The filter expression can specify the source MAC address, destination MAC address, or BSSID to filter packets. For example, you can use wlan.srcmac == 00:e0:fc:12:34:50 to specify that only packets with the source MAC address 00e0-fc12-3450 are obtained. After the configuration is complete, click Start to enable the packet obtaining function.
- Obtain the obtained packet files.
# After wireless packet obtaining is complete, the files are automatically uploaded and a page is displayed prompting you to save the files. Select a proper path to save the files. Then you can check the obtained packet files on the local PC.
