Linux command to check the last packet received from particular IP subnet.
 

Dears,
I am new to linux. I working with telecom company. In my system we receive the traffic from some IP subnets. But from few days i was unable to receive the traffic from one of the IP subnet.
Can anyone give me the command to check, when the last packet was received from that IP subnet.

Thanks,

Welcome to LQ!
will capture and keep 100 packets in sniff.pcap, which can be played back for analysis.

That's all I know.

You would want to grep for the address in your traffic logs.
If you weren't logging it then, no, you can't.

Thanks dear for your reply...

I tried with the command u posted... but nothing is captured. my question is that from the particular IP i was receiving the traffic. I dont know when it was stopped. I want to check on my server when it was stopped... date and time. For more information it is RADIUS traffic..

is there any log will save on the server?


Thanks for the support....

grep the logs
will show you file hits

Let's say /var/log/auth.log shows up from that command.
Then you'd and start poking around.

Wide search:
This will collect all info in all logs for that ip and stick it in the text file ~/curious_ip-dump.txt

Browse that file.

Thanks dear for your reply...

I tried with the command u posted... but nothing is captured. my question is that from the particular IP i was receiving the traffic. I dont know when it was stopped. I want to check on my server when it was stopped... date and time. For more information it is RADIUS traffic..

is there any log will save on the server?


Thanks for the support....

Logging at the packet level would create massive log files. You could perhaps find useful information on the radius server.