Get-Packet Cmdlet
The Get-Packet cmdlet is used to listen to network traffic.
Syntax
Get-Packet [parameters]
Remarks
The Get-Packet cmdlet binds to a specific local host address and listens for network traffic received by the interface. The interface must support promiscuous mode (this may not work on many wireless cards because of security considerations). This is not supported on operating systems released prior to Windows 2000.
NOTE: If your computer connects to a switch, the switch will only forward packets addressed to your computer. If your computer is on a hub, then you will receive everything.
The use of this cmdlet requires administrative permissions.
The cmdlet can be used without additional parameters, or you can set LocalIP to the IP address whose traffic you wish to monitor (if it is not the default), and set Time to the number of seconds you wish to monitor traffic. For each packet that crosses the interface, the cmdlet will return a Packet object.
The cmdlets support pipeline input for some of their parameters. Prebuilding an object and piping it to the cmdlet is very useful, but should be used with caution to prevent security conflicts. Steps have been taken to decrease the risk of an accidental pipe to the cmdlet. For instance, the Credential parameter cannot be piped to the cmdlet and must be specified manually.
# listen for one hour
Get-Packet -Time 3600
# listen on a specific interface
Get-Packet -LocalIP $ipaddr
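The wrapper below is an added example, not part of the original documentation. It enforces the two preconditions from the Remarks (an elevated session and a local address to bind to) and then runs a time-limited capture. The function name Start-BoundedCapture, the 192.0.2.10 placeholder address and the 'TCP' filter value are assumptions, and it assumes the module providing Get-Packet is already loaded.

```powershell
# Added example: pre-checked, time-limited capture with Get-Packet.
function Start-BoundedCapture {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $LocalIP,
        [ValidateRange(1, 3600)] [int] $Seconds = 60,
        [string] $Protocol   # optional filter; the value format (e.g. 'TCP') is an assumption
    )

    # Get-Packet requires administrative permissions: fail early with a clear message.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Get-Packet requires an elevated (administrator) session.'
    }

    # Get-Packet binds to a local host address, so confirm the address
    # is actually assigned to one of this machine's interfaces.
    $local = [System.Net.NetworkInformation.NetworkInterface]::GetAllNetworkInterfaces() |
        ForEach-Object { $_.GetIPProperties().UnicastAddresses } |
        ForEach-Object { $_.Address.IPAddressToString }
    if ($local -notcontains $LocalIP) {
        throw "$LocalIP is not assigned to this host. Local addresses: $($local -join ', ')"
    }

    # Always pass -Time so the bind ends on its own instead of running unattended.
    $params = @{ LocalIP = $LocalIP; Time = $Seconds }
    if ($Protocol) { $params.Protocol = $Protocol }

    # Each packet that crosses the interface comes back as a Packet object.
    Get-Packet @params
}

# 192.0.2.10 is a placeholder; replace it with an address bound to this host.
$packets = @(Start-BoundedCapture -LocalIP '192.0.2.10' -Seconds 30 -Protocol 'TCP')
"Captured $($packets.Count) packets"

# List the properties the Packet object exposes before writing filters against them.
$packets | Select-Object -First 1 | Get-Member -MemberType Property
```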
Parameter List
The following is the full list of the parameters of the cmdlet with short descriptions.
Config | Specifies one or more configuration settings. |
LocalIP | The local interface specified by its IP address. |
LogFile | The location of a file to which debug information is written. |
Protocol | The protocol name to use as a filter. |
Time | The duration of the bind. |
Output Objects
The following is the full list of the output objects returned by the cmdlet with short descriptions.
Packet | This object contains details about a packet received while the cmdlet was sniffing. |
Configuration Settings
The following is a list of configuration settings for the cmdlet with short descriptions.
ReceiveAllMode | Enables a socket to receive all IPv4 or IPv6 packets on the network. |
Timestamp | Microseconds from UNIX Epoch (1977-01-01). |
AbsoluteTimeout | Determines whether timeouts are inactivity timeouts or absolute timeouts. |
FirewallData | Used to send extra data to the firewall. |
InBufferSize | The size in bytes of the incoming queue of the socket. |
OutBufferSize | The size in bytes of the outgoing queue of the socket. |
UseBackgroundThread | Whether threads created by the cmdlet are background threads. |
UseInternalSecurityAPI | Tells the cmdlet whether or not to use the system security libraries or an internal implementation. |