IP Trace in AIX

1. Run iptrace on AIX interface en1 to capture port 80 traffic from a single client IP to a server IP:

iptrace -a -i en1 -s clientip -b -d serverip -p 80 trace.out

This trace will capture both directions of the port 80 traffic on interface en1 between the clientip and serverip and send this to the raw file of trace.out.

2. Reproduce the problem, then run the following:

ps -ef|grep iptrace
kill -15


Trace tools like Wireshark can read trace.out files created by iptrace