Difference between revisions of "Tcpdump example with useful flags"

From Tech-Wiki
 
Line 1: Line 1:
 
[[Category:Wireshark and Network Testing]]
 
[[Category:Wireshark and Network Testing]]
 +
 +
tcpdump - Network packet capture (Sniffer)
 +
# tcpdump -n -i eth0 net 10.1.1.0/24 and host 10.2.2.2 and port 80
 +
# tcpdump -n -i eth0 'host 10.1.1.1 and  (port 80 or 443)'
 +
# tcpdump -w - | tee capture.pcap | tcpdump -r -  (write to file and standard output the same time)
 +
# tcpdump -s0 -C 100 -W 10 (full packet size, split files into 100MB, and circular buffer using 10 files)
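Review bot: the last added line, `tcpdump -s0 -C 100 -W 10`, has no `-w <file>`, and `-C` and `-W` only act on a savefile, so as written nothing is split or rotated and the packets are only printed. Add a `-w` target, and consider `-n -i eth0` as on the first two lines so the capture interface is explicit. On the `tee` line, `-U` on the writing tcpdump would keep the reading side from lagging behind output buffering.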

Revision as of 17:49, 15 May 2018


tcpdump - Network packet capture (Sniffer)

# tcpdump -n -i eth0 net 10.1.1.0/24 and host 10.2.2.2 and port 80
# tcpdump -n -i eth0 'host 10.1.1.1 and (port 80 or 443)'
# tcpdump -w - | tee capture.pcap | tcpdump -r -   (write to a file and to standard output at the same time)
# tcpdump -s0 -C 100 -W 10 -w capture.pcap   (full packet size, split the capture into 100 MB files, and keep a ring buffer of 10 files)
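
Added example (not part of the original wiki page): why the second command groups its ports in parentheses. In pcap filter syntax "and" and "or" have equal precedence and associate left to right, so without the parentheses the filter also matches port 443 traffic of every other host. The script reads a classic pcap stream, the format "tcpdump -w" writes, and applies both readings; the packets, the address 10.3.3.3 and all function names are constructed for illustration.

```python
import socket
import struct

HOST = "10.1.1.1"  # host from the page's second command

def build_pcap(flows):
    """Constructed sample: classic little-endian pcap, Ethernet/IPv4/TCP SYN frames."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, dst, sport, dport in flows:
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 8192, 0, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + tcp
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

def read_pcap(data):
    """Return (src, dst, sport, dport) for every IPv4 TCP/UDP frame in a pcap stream."""
    magic, _, _, _, _, _, linktype = struct.unpack_from("<IHHiIII", data, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian pcap with Ethernet link type")
    flows, off = [], 24
    while off + 16 <= len(data):
        caplen = struct.unpack_from("<I", data, off + 8)[0]  # captured length
        frame = data[off + 16: off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # not IPv4, or cut short by a small snaplen
        l4 = 14 + (frame[14] & 0x0F) * 4  # start of the TCP/UDP header
        if frame[23] not in (6, 17) or len(frame) < l4 + 4:
            continue  # not TCP/UDP, or ports not captured
        sport, dport = struct.unpack_from("!HH", frame, l4)
        flows.append((socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]), sport, dport))
    return flows

def grouped(flow):
    """'host 10.1.1.1 and (port 80 or 443)' as written on the page."""
    src, dst, sport, dport = flow
    return HOST in (src, dst) and bool({sport, dport} & {80, 443})

def ungrouped(flow):
    """Same words without parentheses: parsed as (host and port 80) or port 443."""
    src, dst, sport, dport = flow
    return (HOST in (src, dst) and 80 in (sport, dport)) or 443 in (sport, dport)

SAMPLE = build_pcap([("10.1.1.1", "10.2.2.2", 40000, 80), ("10.1.1.1", "10.2.2.2", 40001, 22),
                     ("10.3.3.3", "10.2.2.2", 40002, 443), ("10.2.2.2", "10.1.1.1", 443, 40003)])

if __name__ == "__main__":
    for flow in read_pcap(SAMPLE):
        print(flow, "grouped:", grouped(flow), "ungrouped:", ungrouped(flow))
```

The single quotes in the page's command are also needed because the shell would otherwise interpret the parentheses itself.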