tcpdump whitelist filter for UPnP -
how capture all upnp traffic tcpdump? i’d use “white list” , collect upnp traffic, not else.
so have started , wrote filter:
tcpdump -i eth0 -nevvv -s 0 '(udp port 1900) or (tcp port 2869)' used following info wikipedia:
- upnp uses udp port 1900 , tcp port 2869.
how elaborate filter further?
it's not quite simple that. ssdp (the discovery protocol) uses port 1900 (and apparently in cases 2869) actual upnp service can on whatever port: ssdp way discover port , other details service.
see upnp device architecture spec (pdf) more details.
Comments
Post a Comment