TcpDump
capture TCP paquet
Capturing packets based on network interface, ports and protocols.
localhost ~ # tcpdump -w test.pcap -i eth1 tcp port 8080
capture on destination ip
localhost ~ # tcpdump -w test.pcap dst 10.40.0.32 and tcp port 80
capture with 2 different ports
localhost ~ # tcpdump -w test.pcap -i eth1 tcp port 8080 or udp \( 33450 or 33451 \)
read tcp packet
localhost ~ # tcpdump -nnr test.pcap
formatting date
localhost ~ # tcpdump -ttttnnr test.pcap
capture full packet
localhost ~ # tcpdump -s 0 -ttttnnr test.pcap
hive/system/linux/tcpdump.txt · Last modified: 31/03/2010 18:47 by n0rad -
