Sometimes packet captures can be useful for identifying strange problems on the LAN that prevent phone registration. This article tells you how to collect packet captures using a Buffalo DD-WRT router.


  1. Download WINSCP from the Common Tools article  and install -  SCP/FTP client
  2. Download PuttyTel from the Common Tools article and install - This is a telnet client, but any telnet-enabled client will work for this.
  3. Download and install Wireshark and make sure you install the correct version (32 vs 64 bit). This is the program that allows you to read the files created from the tcpdump command.
  4. Log into your Buffalo DD-WRT device and navigate to Security > Firewall.
  5. Navigate to Services > Enable Telnet. Click apply.
  6. Navigate to Services > NAS ensure that you have added a File Sharing username for yourself at the bottom of the page  Note: that you do not need to have ProFTPD enabled.
  7. You will be greeted with a log in prompt, log in using the username root and your router’s web UI password 
    • Note: this is a linux system and you are logged in as root. That means you can do anything you want without the system asking questions. Be careful and do not do something if you are unsure of the consequences. 
  8. Type ls and hit enter
    • This command lists all of the current items in the directory you are in. You start your telnet session in the root directory of the FTP accessible portion of the DD-WRT Linux system.
  9. Make a directory/folder for you to store your packet captures in. Type mkdir <folder name>.
    • For example we named the file pcaps so the command that was input was mkdir pcaps now there is a folder in the root directory called pcaps.
  10. Type cd pcaps and hit enter
    • You want to be able to save our packet captures in the pcaps folder, so you need to navigate to this directory (cd stands for change directory).
  11. Type tcpdump host <ip address> -w <filename>.pcap
    • To initiate a packet capture on Linux you simply enter and run the command tcpdum however, this captures every packet the device is seeing, which can be a lot to sift through. To narrow it down, need to pick a source host IP address to capture to and from, this will simply run the packet capture but not save it, to save it we need to add yet another string to the command, -w, which saves the file as the name and file type we specify. To save it as a pcap – simply make this portion w filename.pcap.
    • Start the tcpdump command, then replicate the issue you're trying to investigate, then hit CTRL+C to stop the tcpdump.

  12. Open WinSCP and FTP to the router  note the newly created pcaps folder. Open that folder, then find the file you want. Right click on that file, click copy, and then copy it to your PC.
    • You'll want to connect with the router over port 21 (FTP)
  13. Use Wireshark and select open a previous capture navigate to where you saved your pcap file and open it in Wireshark. You can now see all of the packets that were captures and you can open them line by line.