tcpdump command
# at now
tcpdump -w /tmp/tcpdump -i en1 -s 1500 'port 8080'
-w -- file
-i -- interface
-s - MTU
For reading
tcpdump -nnr /tmp/tcpdump.27sep2012
tcpdump on a particular port(assume port is 1414)
at now
tcpdump -w /tmp/tcpdump -i en1 -s 1500 'port 1414'
how to read a tcpdump output
tcpdump -nnr /tmp/tcpdump
Capture packets for particular destination IP ( assume destination ip is 192.168.1.1)
tcpdump -w /tmp/tcpdump -i en2 -s 1500 dst 192.168.1.1
No comments:
Post a Comment