tcpdump checkpoint command

I rarely use Linux but now, for one reason, I have to, because I have a problem with my provider. arcount Write "stop" and press enter to stop the packets capture process. A Security Group can contain one or more Security Gateway Modules. In particular, Domain Name service requests (RFC 1034/1035) and Sun Try this! Specify the source port to match or leave blank for any port. regard to the TCP control bits is. Learn how your comment data is processed. My site to site vpn is working. Try writing the packets to a file (or files to limit size) rather than displaying packets to the screen. Tcpdump is a CLI tool to capture raw network packets. indicates that XO (`exactly once') was not set. (assuming 19.168.1.1 you attempted filtering for is an internal host). regardless whether ACK or another TCP control bit is set. Possibly a few packets on UDP/500 for periodic key exchanges / updates, and a few when first establishing the tunnel. We are happy to share the recording of Demo class which was conducted on 2nd Sept 2016.Topic: How to use tcpdump command to troubleshoot checkpointIn case yo. Please keep in mind that all comments are moderated and your email address will NOT be published. If youre looking for one particular kind of traffic, you can use tcp, udp, icmp, and many others as well. Single quotes are used in order to tell tcpdump to ignore certain special charactersin this case below the ( ) brackets. please see the file Check Point Firewall : How to troubleshoot using FW Monitor and TCPDUMP Live Troubleshooting Session#FWMonitor #TCPdump #Troubleshooting When you have only command line terminal access of your system, this tool is very helpful to sniff network packets. Specify the VSX ID you want to capture on. Other flag characters that might appear are `-' (recursion available, The following TCP flag where: DEVICE is the sniffer or capture NIC's device name use the ifconfig command to see list of NIC device names. "fw ctl zdebug" is a powertool that is not exhausted from being used with "fw ctl zdebug drop". subnet tcpdump filter Share Improve this question Follow -w tcpdump is a well known command line packet analyzer tool. Despite its name, with tcpdump, you can also capture non-TCP traffic such as UDP, ARP, or ICMP. the `access control' and `frame control' fields, the source and "fw ctl zdebug" is an R&D tool for testing software in development. format is intended to be self explanatory. To list the number of available interfaces on the system, run the following command with -D option. NBP (name binding protocol) and ATP (AppleTalk transaction protocol) If the -v flag is given three times, the security index and service id (N.B. # tcpdump -i eth0 "icmp [0] == 8". Use this section to change the chain position options of, Use this section to change which point(s) of inspection. present. Members in the Security Group. Finally, the amount of data in the packet and compressed header length If specified, rotates the dump file specified with the -w option every rotate_seconds seconds. the decimal value 2", which is exactly what we want. additional records section, Support Center> Search Results> SecureKnowledge Details These commands are enhancements to the standard tcpdump utility: Syntax tcpdump [-b <SGM IDs>] -mcap -w <Output File> [<tcpdump Options>] Now, let's assume that we need to capture SYN packets, but we the LLC header is printed if it is not an ISO datagram or a It is not commonly integrated into operating systems, so you need to install it from the tcpdump GitHub registry or from the official tcpdump . select only the RST and ACK flags in the flags field, and if the result [root@CentOs]# tcpdump -i any icmp In the above we have taken a capture over all interfaces of a Linux machine, you can specify only the desired interface. expression (See the picture) Create your packet capture filter with these selectors. not correctly handle source-routed Token Ring packets. for the Ubik protocol). A . TCP `conversation', it prints the sequence number from the packet. Use these options to set the command-line syntax options which will change how the ASA PCap works and displays output. flag, which causes it to save the packet data to a file for later In the second example, helios responds to query 2 with a Use this section to have tcpdump provide you information. to search or browse the thousands of published articles available FREELY to all. Applies to Security Group Members as specified by the . Note that you can use all the regular commands within tcpdump while reading in a file; youre only limited by the fact that you cant capture and process what doesnt exist in the file already. Create your packet capture filter with these selectors. My CISCO phone can not establish a connection because, I suppose, the provider blocked ports or services at my address. ping packets): The output of tcpdump is protocol dependent. tcpdump [-b ] -mcap -w [], tcpdump -view -r []. are output only if appropriate. tcpdump command becomes very handy when it comes to troubleshooting on network level. If the -v (verbose) flag is given, additional information is printed. But using -c option, you can capture a specified number of packets. is printed. Capture only HTTP GET and POST packets 3. Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type. https://download.samba.org/pub/samba/specs/ and other online resources. To report a security issue please send an e-mail to. CPUG: The Check Point User Group; Resources for the Check Point Community, by the Check Point Community. -w |password=|pass:|user:|username:|password:|login:|pass |user ', Reading / Writing Captures to a File (pcap), From specific IP and destined for a specific Port, Traffic From a Host That Isnt on a Specific Port. and the number in parens is the amount of data in the packet, Show Traffic Related to a Specific Port You can find specific port traffic by using the port option followed by the port number. Tcpdump can resolve host names like regular tools. nscount, printed for source-routed packets. tcpdump less 32 tcpdump greater 64 tcpdump <= 128. flag, which causes it to read a list of saved packet files. Using the SIGUSR2 signal along with the Extract HTTP User Agents 2. For connection to a remote TFTP server we use the Mikrotik router. Run tcpdump filtering for the IP address of the VPN peer. In The packet contained no data so there is no data sequence number or length. special privileges. tcpdump -vvAls0 | grep 'Set-Cookie|Host:|Cookie:'. Using the command line interface (CLI): diagnose: diagnose tcpdump start|stop Allows you to use tcpdump to log packet traffic information for a target database and save it to the local disk. AFS reply packets do not explicitly identify the RPC operation. Specify whether or not to print UUID or SUUID information per packet. tcpdump101.com - Packet Hunting Made Easier Cisco ASA If this is your first time here or this is your first time viewing this new version, please read below about how to use this tool. If youre looking for packets of a particular size you can use these options. Using tcpdump command we can capture the live TCP/IP packets and these packets can also be saved to a file. Check out Browse my other tutorials as well. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. To find packets going to or from a particular network or subnet, use the net option. Just rememberwhen in doubt, run the command above with the port youre interested in, and you should be on your way. Every Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected. Practical tcpdump examples 1. Specify if tcpdump should be displayed as ASPLAIN or ASDOT. depend on the contents of the packet's TCP protocol header and If you need to capture with more size then specify the buffer size with "-s". To print the start and end packets (the SYN and FIN packets) of each Leave blank for standard output (display to screen). Specify additional display verbosity at different levels of the OSI model. Saves the captured packets at the specified path in a file with the specified the name. Write "stop" and press enter to stop the packets capture process. not You can just search "VPN" on a "LOGS and Monitoring" section. Thanks to Peter at hackertarget.com for inspiration on the new table of contents (simplified), and also for some additional higher-level protocol filters added in July 2018. The current version is available via HTTPS: The original distribution is available via anonymous ftp: IPv6/IPsec support is added by WIDE/KAME project. [Global] MyChassis-ch01-01 > tcpdump -mcap -w /tmp/capture.cap. Specify if tcpdump should print domain names. flag, it will capture packets until it is interrupted by a SIGINT or (i.e. your ``status'' character, typically control-T, although on some and then reports ``[|tcp]'' to indicate the remainder could not be replaced with tcp[tcpflags]. question section is printed rather than real query in the answer with an implicit connection identifier; the ack has changed by 6, This website is using a security service to protect itself from online attacks. socket buffer since csam's receive window has gotten 19 bytes smaller. Security Groups work separately and independently from each other. In addition, you will have to terminate the capture with ^C when you believe you have captured enough packets. jssmag.209 initiates the next request. Tcpdump can be installed by default in some Linux distributions (just type in command line tcpdump), overwise, install it by the command. pcap-filter(7) You can also subscribe without commenting. square brackets: If a query contains an answer, authority records or Applies to all Security Group Members and all Chassis, One Security Group Member (for example, 1_1), A comma-separated list of Security Group Members (for example, 1_1,1_4), A range of Security Group Members (for example, 1_1-1_4), In Dual Chassis, one Chassis (chassis1, or chassis2), In Dual Chassis, the Active Chassis (chassis_active). UDP format is illustrated by this rwho packet: Some UDP services are recognized (from the source or destination Im currently (sort of) writing a book on tcpdump for No Starch Press. Wireshark is one of the best network sniffers for Windows-based systems. the TCP protocol described in RFC 793. Hosting Sponsored by : Linode Cloud Hosting. 6 Wc Command to Count Number of Lines, Words, and Characters in File, How to Use tee Command in Linux [8 Useful Examples], How to Run Commands from Standard Input Using Tee and Xargs in Linux, How to Modify Linux Kernel Variables Using sysctl Command, 4 Useful Commands to Clear Linux Terminal Screen, How to List and Extract tar.xz File in Linux. and the packet length. don't care if ACK or any other TCP control bit is set at the Can you help me? feature, causing the original sequence numbers to be output. Use thse "tcpdump" commands in Gaia gClish The name of the global command line shell in Check Point Gaia operating system for Security Gateway Modules. use the following CLI command to check the VPN network packets: # fwaccel off# fw monirot -e "accept(host=192.168.1.1);"# fwaccel on, You can find more about fw monitor in my article:R80.x - cheat sheet - fw monitor. that's either too small or beyond the end of the header), tcpdump Be warned that with -v a single SMB packet On productive systems it can have ahigh performance impact. Some primitive decoding of IPX and if ACK or any other control bit is set as long as SYN is set. you need to be in expert mode to invoke TCPDUMP. CONTRIBUTING.md To filter ICMP echo-requests, we can use this tcpdump command. The general format of a TCP protocol line is: Iptype, Src, dst, and flags are always present. (N.B. in. corresponding request, it might not be parsable. Its often useful to save packet captures into a file for analysis in the future. Here is a short sample taken from the start of an `rlogin' from gives a brief description and examples of most of the formats. Transarc AFS (Andrew File System) requests and replies are printed signal (generated, for example, by typing your interrupt character, Tecmint: Linux Howtos, Tutorials & Guides 2023. It saves the file in a pcap format, that can be viewed by tcpdump command or an open-source GUI-based tool called Wireshark (Network Protocol Analyzer) that reads tcpdump pcap format files. -S : Get the entire packet. It is recommended to set this to a small number to avoid resource overhead and for ease of readability. Just see whats going on, by looking at whats hitting your interface. RPC calls (RFC 1050) to NFS. Here are some additional ways to tweak how you call tcpdump. tcpdump -nni eth2.2 host 10.197.112.5 -w/var/log/raj.pcap -s 1024. tcpdump: listening on eth2.2, link-type EN10MB (Ethernet), capture size 1024 bytes. The expression argument can be passed to tcpdump as either a single [Global] MyChassis-ch01-01 > tcpdump -mcap -w /tmp/capture.cap. Commands you run in this shell apply to all Security Appliances in the Security Group. In all cases, Parameters Examples Some believe that inverse queries are themselves a bug and This command will capture ICMP packets that are being transmitted and received on the eth0 interface. RA, not set) and `|' (truncated message, TC, set). as relative byte positions in the conversation's data stream (with the tcp-push, tcp-ack, tcp-urg. This means that sequence numbers after the Check Point TCP Dump Category:Check Point -> Security Appliances. parentheses after the IP or the link-layer header. Well, this primer should get you going strong, but the man page should always be handy for the most advanced and one-off usage scenarios. depends on the operation type. There are a number of options available, you can use the options as per your requirement. description is preceded by a time stamp, printed, by default, as hours, as: In general, all AFS RPCs are decoded at least by RPC call name. Hex output is useful when you want to see the content of the packets in question, and its often best used when youre isolating a few candidates for closer scrutiny. Tcpdump prints out a description of the contents of packets on a Specify how many bytes tcpdump should capture for each packet. resends them then jssmag.209 releases the transaction. Reads the captured packets (in the tcpdump format) from the specified path from a file with the specified the name. Default is either-bound. The below example will only capture 6 packets. In our previous article, we have seen 20 Netstat Commands (netstat now replaced by ss command) to monitor or manage a Linux network. We put together a list of essential commands and put them in the. in order to use it) and will continue capturing packets. the `frame control' fields, all of the addresses in the 802.11 header, so we know that for packets with SYN set the following skewed time stamps (the time change is ignored). For optimal usability, please increase your window size to (at least) 900x700. This website uses cookies. All To capture packets from destination IP, say you want to capture packets for 50.116.66.139, use the command as follows. Specify whether or not packets are displayed with a full flow trace or not. are printed. 1. When excluding the ATP header. tcpdump filter examples Here is a list of several ways to build filters, and some of the more common ways that you might want to view data. tcpdump also gives us an option to save captured packets in a file for future analysis. Jssmag.209 then requests that packets 3 & 5 be retransmitted. Saves the captured packets at the specified path in a file with the specified the name. Note that we don't want packets from step 2 Search for jobs related to Tcpdump command to capture udp packets or hire on the world's largest freelancing marketplace with 22m+ jobs. TCP conversation that involves a non-local host. NOTE: Selecting any of these options will. You can combine this with the src and dst options as well. binary value of octet 13 with some other value to preserve C. Collects traffic dump from CIN network. is printed. Specify a Layer-4 destination port between 0-65535 where '0' is all Layer-4 destination ports. NetBEUI SMB data is also done. Error codes are printed for abort packets, with the exception of Ubik tcpdump [-b ] -mcap -w [], tcpdump -view -r []. Security Groups work separately and independently from each other. Specify whether or not packets are displayed in real-time or not. is "RST and ACK both set", match), To print all IPv4 HTTP packets to and from port 80, i.e. SYN-ACK set, but not those with only SYN set. We recommend that you use the latter. using man2html and other tools. kill(1) I would like to use the tcpdump command to get a response, where there is a problem in the path to my TFTP server. Specify a Layer-3 destination IP where '0' is all Layer-3 addresses. I truly hope this has been useful to you, and feel free to contact me if you have any questions. expression for tcpdump. The tcpdump output below display data from different connection scenarios between host 192.168.2.10 and 192.168.2.165. Specify a Layer-3 source IP where '0' is all Layer-3 addresses. On SLIP links, a direction indicator (``I'' for inbound, ``O'' for outbound), By default, all output lines are preceded by a timestamp. Follow me on Twitter @Grave_Rose (new window), Join the discussion at /r/tcpdump101 (new window), Download commands to run your own copy of tcpdump101.com, Go to the development site to see what's coming up (new window), Start Over (Page will reload and ALL changes will be lost), Use these options to set the command-line syntax options which will change how, Specify the name of the interface you want to run. A change is indicated by U (urgent pointer), W (window), A (ack), packets that contain data, not, for example, SYN and FIN packets and Generally, a lot of TCP traffic flows in a typical SSL exchange. There are 8 bits in the control bits section of the TCP header: Let's assume that we want to watch packets used in establishing the `frame control' field, the source and destination addresses, tcpdump --interface any. ; If you want to run a test to validate remove the -w option; output is sent to the console.? PureVPN not working with Disney? The tcpdump output below display data from different connection scenarios between host 192.168.2.10 and 192.168.2.165. Use "kill": 4. Van Jacobson, Lawrence Berkeley National Laboratory, University of California, Berkeley, CA. The -l switch lets you see the traffic as youre capturing it, and helps when sending to commands like grep. is used to translate AppleTalk net and node numbers to names. # tcpdump -i eth0 icmp. TCP Dump - TCPDUMP is a powerful tool for debugging on checkpoint, tcpdump feeds directly to the screen packets crossing an interface, if dumped to a file TCPDUMPS can be read by wire shark. Check Point vsec virtual ARP not updated on VMware ipassignment.conf -- is there a logfile to check a Understanding fw ctl conntab / Issues with Jenkins Understanding fw ctl conntab / Issues with Jenkins after introducing firewall. Quantum Scalable Chassis R81 Administration Guide, https://training-certifications.checkpoint.com/#/courses/Check%20Point%20Certified%20Expert%20(CCSE)%20R80.x. tcpdump is the tool everyone should learn as their base for packet analysis. We can apply tcpdump on eth2.2. additional header information is printed, such as the RX call ID, The filters below find these various packets because tcp[13] looks at offset 13 in the TCP header, the number represents the location within the byte, and the !=0 means that the flag in question is set to 1, i.e. 20 Funny Commands of Linux or Linux is Fun in Terminal, How to Change UUID of Partition in Linux Filesystem, How to Install locate Command to Find Files in Linux, How to Find All Clients Connected to HTTP or HTTPS Ports, Sysmon A Graphical System Activity Monitor for Linux, 4 Useful Commandline Tools to Monitor MySQL Performance in Linux, httpstat A Curl Statistics Tool to Check Website Performance, HardInfo Check Hardware Information in Linux, Observium: A Complete Network Management and Monitoring System for RHEL/CentOS, How To Install and Connect an Agent to Pandora FMS Server, How to Optimize and Compress JPEG or PNG Images in Linux Commandline, mimipenguin Dump Login Passwords From Current Linux Users, 11 Ways to Find User Account Info and Login Details in Linux, How to Block or Disable Normal User Logins in Linux, 5 Ways to Find a Binary Command Description and Location on File System, 2 Ways to Re-run Last Executed Commands in Linux, 7 Best Command-Line Email Clients for Linux in 2020, 10 Tools to Take or Capture Desktop Screenshots in Linux, Top 5 Open-Source Project Management Tools for Linux, 32 Most Used Firefox Add-ons to Improve Productivity in Linux. As on FDDI networks, If the '-e' option is given, the link level header is printed out. Tcpdump tcpdump 'tcp[(tcp[12]>>2):4] = 0x5353482D', tcpdump port http or port ftp or port smtp or port imap or port pop3 or port telnet -lA | egrep -i -B5 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd= Such dump files are sometimes . How do i check using tcpdump or any tcpdump equivalent method so that i can verify the "to and fro" traffic in the event of troubleshooting other than verifying the tunnel (using "vpn tu" command) is up. will, if not run with the Reading a saved packet file doesn't require The menu on the left will take you to different modules where you can build packet capture syntax to run on network devices. The `:digit' following the The material in this site cannot be republished either online or offline, without our permission. `question' section doesn't contain exactly one entry, `[nq]' You can show your encrypted traffic through the site to site VPN. Instead, option -c. tcpdump -c number. instead of the non-NFS port number of the packet. All of these are optional. packets are assumed to contain an LLC packet. For example, capture all HTTP traffic from a source IP address 192.168..102, run the following command: tcpdump -n src 192.168..102 and tcp port 80. Use thse " tcpdump " commands in Gaia gClish to capture and show traffic that is sent and received by Security Group Members in the Security Group. same time. tcpdump keeps track of ``recent'' requests, and matches them to the value between 0 and 7; for example, `async4'. NFS reply packets do not explicitly identify the RPC operation. December 3, 2018 Check Point released a new tool called CPPCAP as an alternative for the well known Linux tool tcpdump. On Token Ring networks, the '-e' option causes tcpdump to print If the packet is compressed, its encoded header is printed out. Commentdocument.getElementById("comment").setAttribute( "id", "a780f307e75f43188ee25e7ecb78f80f" );document.getElementById("b311dc7799").setAttribute( "id", "comment" ); Save my name, email, and website in this browser for the next time I comment. Right-click on the image below to save the JPG file (2500 width x 1803 height in pixels), or click here to open it in a new browser tab. https://community.checkpoint.com/t5/Enterprise-Appliances-and-Gaia/R80-20-cheat-sheet-fw-monitor/td- https://community.checkpoint.com/t5/API-CLI-Discussion-and-Samples/FW-Monitor-SuperTool/td-p/60098. The tcpdump command has the option where you can specify the ICMP as a filter to the capture. We have numbered the bits in this octet from 0 to 7, right to Merging captured packets from SGMs to /tmp/capture.cap [Global] MyChassis-ch01-01 > tcpdump -b 1_1,1_3,2_1 -mcap -w /tmp/capture.cap -nnni eth1-Mgmt4, [Global] MyChassis-ch01-01> tcpdump -view -r /tmp/capture.cap, Reading from file /tmp/capture.cap, link-type EN10MB (Ethernet), [1_3] 14:11:57.971587 IP 0.0.0.0.cp-cluster > 172.16.6.0.cp-cluster: UDP, length 45, [2_3] 14:12:07.625171 IP 0.0.0.0.cp-cluster > 172.16.6.0.cp-cluster: UDP, length 45, [2_3] 14:12:09.974195 IP 0.0.0.0.cp-cluster > 172.16.6.0.cp-cluster: UDP, length 37, [2_1] 14:12:09.989745 IP 0.0.0.0.cp-cluster > 172.16.6.0.cp-cluster: UDP, length 45, [2_3] 14:12:10.022995 IP 0.0.0.0.cp-cluster > 172.23.9.0.cp-cluster: UDP, length 32. Lets look for all traffic coming from 192.168.x.x and going to the 10.x or 172.16.x.x networks, and were showing hex output with no hostname resolution and one level of extra verbosity. I'm using the following tcpdump command: tcpdump -w net75.out -s 0 host 65.207.95.222 I want to change the filter on the single host to be all addresses in the following subnet: 65.192../10 I have not been able to figure out how to specify a tcpdump filter to do this. You can also negate the item by selecting the "not" option. metacharacters. Useful Check Point Commands Useful FW Commands Provider 1 Commands VPN Commands Gaia Show (Clish) Commands Gaia Set (Clish) Commands Few Useful SPLAT CLI Commands Few Useful VSX CLI Commands Reference Links: Commands and tips to not only use tcpdump but master ways to know your network. On the outside interface if the firewall you should see ESP packets to/from the IP addresses of the two VPN gateways, these are the encrypted and encapsulated packets. -v It is very useful for various forms of network troubleshooting. First. URGs and ACKs are displayed, but they are shown elsewhere in the output rather than in the flags field. a TCP connection. Here is the opening portion of an rlogin from host rtsg to To capture packets for a specific interface, run the following command with option -n. To capture packets based on TCP port, run the following command with option tcp. the http connection could be a 5-6s latency occasionally. Answer (1 of 3): 1. You can use our TcpDump CheatSheet for free - just follow the link below! We recommend that you upgrade to a 2.2 or later kernel. There is not much to be found in Check Point KB or in the documentation. Provide your contact details below to receive a customized quote for Vulnerability Scanning. Finally, Use thse "tcpdump" commands in Gaia gClish The name of the global command line shell in Check Point Gaia operating system for Security Appliances connected to Check Point Quantum Maestro Orchestrators. That option simply skips name resolution. platforms, such as macOS, the ``status'' character is not set by This same technique can be used to group using other expressions such as host, port, net, etc. Although tcpdump is quite useful and can capture any amount of data, this usually results in large dump files, sometimes in the order of gigabytes. tcpdump is not part of the Wireshark distribution. or a new value (=n). does not work against IPv6 packets. the binary value of a SYN: We see that this AND operation delivers the same result Common Options: -nn : Dont resolve hostnames or port names. tcpdump Unix Linux Command - Tcpdump prints out the headers of packets on a network interface that match the boolean expression. When it opens in a new browser tab, simply right-click on the PDF and navigate to the download/save selection, usually located in the top right-hand corner of the screen. On the outside interface if the firewall you should see ESP packets to/from the IP addresses of the two VPN gateways, these are the encrypted and encapsulated packets. Filter expressions on fields other than those in 802.11 headers will not tcpdump -nni <interface name> host <source/destination ip>. You can download the PDF file here. in the tcpdump source tree root. the sequence number by 49, and the packet ID by 6; there are 3 bytes of /etc/atalk.names such as the RX call ID, serial number, and the RX packet flags. Received user request to stop the packets capture process. be run with the the `interesting' arguments, for some definition of interesting). to compute the right length for the higher level protocol. packets are assumed to contain an LLC packet. is printed, where x is the hex value of header bytes two and three. I use the Cisco IP Phone 7911 in the company. I have configured site to site vpn over internet on this checkpoint firewall with my branch office which is working fine. Specify where tcpdump should send it's output. If any of the response bits are set (AA, RA or rcode) or any of the :The following description assumes familiarity with list available ports. Now that you are able to get basic traffic, lets step through numerous examples that you are likely to need during your job in networking, security, or as any type of PacketWizard. in the rtsg csam side of the conversation). Enter the Gateway IP address to use for this route. Enter a Layer-3 protocol number [0-255] or the ASA built-in name for the protocol you want to capture on. the value of the 13th octet in the TCP header, when interpreted It is included in pfSense software and is usable from a shell on the console or over SSH. first data byte each direction being `1'). You can also use filters to isolate packets with specific TCP flags set.

tcpdump checkpoint command 2023