Difference between revisions of "Tcpdump example with useful flags"

From Tech-Wiki
Jump to: navigation, search
 
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
 
[[Category:Wireshark and Network Testing]]
 
[[Category:Wireshark and Network Testing]]
 +
 +
tcpdump - Network packet capture (Sniffer)
 +
# tcpdump -n -i eth0 net 10.1.1.0/24 and host 10.2.2.2 and port 80
 +
# tcpdump -n -i eth0 'host 10.1.1.1 and  (port 80 or 443)'
 +
# tcpdump -w - | tee capture.pcap | tcpdump -r -  (write to file and standard output the same time)
 +
# tcpdump -s0 -C 100 -W 10 (full packet size, split files into 100MB, and circular buffer using 10 files)
 +
# tcpdump -A -i any -vv (dump packets on screen in ASCII, handy for web traffic)

Latest revision as of 14:17, 1 September 2024


tcpdump - Network packet capture (Sniffer)

# tcpdump -n -i eth0 net 10.1.1.0/24 and host 10.2.2.2 and port 80
# tcpdump -n -i eth0 'host 10.1.1.1 and  (port 80 or 443)'
# tcpdump -w - | tee capture.pcap | tcpdump -r -   (write to file and standard output the same time)
# tcpdump -s0 -C 100 -W 10 (full packet size, split files into 100MB, and circular buffer using 10 files)
# tcpdump -A -i any -vv (dump packets on screen in ASCII, handy for web traffic)