Difference between revisions of "Tcpdump example with useful flags"
From Tech-Wiki
(Created page with "Category:Wireshark and Network Testing") |
Line 1: | Line 1: | ||
[[Category:Wireshark and Network Testing]] | [[Category:Wireshark and Network Testing]] | ||
+ | |||
+ | tcpdump - Network packet capture (Sniffer) | ||
+ | # tcpdump -n -i eth0 net 10.1.1.0/24 and host 10.2.2.2 and port 80 | ||
+ | # tcpdump -n -i eth0 'host 10.1.1.1 and (port 80 or 443)' | ||
+ | # tcpdump -w - | tee capture.pcap | tcpdump -r - (write to file and standard output the same time) | ||
+ | # tcpdump -s0 -C 100 -W 10 (full packet size, split files into 100MB, and circular buffer using 10 files) | ||
+ | # tcpdump -A -i any -vv (dump packets on screen in ASCII, handy for web traffic) |
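Review bot: the `-s0 -C 100 -W 10` line has no `-w <file>`, and `-C` and `-W` only act on a savefile, so as written nothing is split or rotated; add a `-w` target, for example the `capture.pcap` name already used on the `tee` line. The `-C` unit is millions of bytes (1,000,000, not 1,048,576), so "100MB" holds only in the decimal sense. On the `tee` line, `-w -` output is buffered by default, so the reading tcpdump lags behind live traffic; adding `-U` to the writing side makes it flush after each packet.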
Latest revision as of 14:17, 1 September 2024
tcpdump - Network packet capture (Sniffer)
# tcpdump -n -i eth0 net 10.1.1.0/24 and host 10.2.2.2 and port 80
# tcpdump -n -i eth0 'host 10.1.1.1 and (port 80 or 443)'
# tcpdump -w - | tee capture.pcap | tcpdump -r - (write to file and standard output at the same time)
# tcpdump -s0 -C 100 -W 10 -w capture.pcap (full packet size, split files at 100MB, and circular buffer using 10 files; -C and -W only take effect together with -w)
# tcpdump -A -i any -vv (dump packets on screen in ASCII, handy for web traffic)