NetCmdlets 2016
NetCmdlets 2016
Questions / Feedback?

Get-Packet Cmdlet

Parameters   Output Objects   Configuration Settings  

The Get-Packet cmdlet is used to listen to network traffic.

Syntax

Get-Packet [parameters]

Remarks

The get-packet cmdlet will bind to a specific local host address and listen for network traffic received by the interface. The interface must support promiscuous mode (this may not work in many wireless cards because of security considerations). This is not supported on operating systems released prior to Windows 2000.

NOTE: If your computer connects to a switch, the switch will only forward packets addressed to your computer. If your computer is on a hub, then you will receive everything.

The use of this cmdlet requires administrative permissions.

The cmdlet can be used without additional parameters, or you can set LocalIP to the IP address whose traffic you wish to monitor (if it is not the default), and set Time to the number of seconds you wish to monitor traffic. For each packet that crosses the interface, the cmdlet will return a Packet object.

The cmdlets support pipeline input for some of their parameters. Prebuilding an object and piping it to the cmdlet is very useful, but should be used with caution to prevent security conflicts. Steps have been taken to decrease the risk of a possibly accidental pipe to the cmdlet, for instance, the Credential parameter cannot be piped to the cmdlet and must be specified manually.


# listen for one hour
get-packet -time 3600
# listen on a specific interface
get-packet -localip $ipaddr

Parameter List


The following is the full list of the parameters of the cmdlet with short descriptions. Click on the links for further details.

LogFileThe location of a file to which debug information is written.
ConfigSpecifies one or more configuration settings.
LocalIPThe local interface specified by its IP address.
LogFileThe location of a file to which debug information is written.
ProtocolThe protocol name to use as a filter.
TimeThe duration of the bind.

Output Objects


The following is the full list of the output objects returned by the cmdlet with short descriptions. Click on the links for further details.

PacketThis object contains details about a packet received while the cmdlet was sniffing.

Configuration Settings


The following is a list of configuration settings for the cmdlet with short descriptions. Click on the links for further details.

ReceiveAllModeEnables a socket to receive all IPv4 or IPv6 packets on the network.
TimestampMicroSeconds from UNIX Epoch (1977-01-01).
AbsoluteTimeoutDetermines whether timeouts are inactivity timeouts or absolute timeouts.
FirewallDataUsed to send extra data to the firewall.
InBufferSizeThe size in bytes of the incoming queue of the socket.
OutBufferSizeThe size in bytes of the outgoing queue of the socket.
UseBackgroundThreadWhether threads created by the cmdlet are background threads.
UseInternalSecurityAPITells the cmdlet whether or not to use the system security libraries or an internal implementation.

 
 
Copyright (c) 2019 /n software inc. - All rights reserved.
NetCmdlets 2016 - Version 16.0 [Build 7240]