Linux Command: tcpdump
Revision as of 08:56, 9 October 2018
354 bytes added, 08:56, 9 October 2018, no edit summary
Line 20:
Line 20:
-E : Decrypt IPSEC traffic by providing an encryption key.</nowiki>
-E : Decrypt IPSEC traffic by providing an encryption key.</nowiki>
+
=== 1500 bytes capture excluding port 22 ===
tcpdump -i eth1 -s 1500 port not 22
tcpdump -i eth1 -s 1500 port not 22
−
You can skip additional
ports
too:
+
=== Skip
ports
===
+
tcpdump -i eth1 -s 1500 port not 22 and port not 53
+
+
=== Filter ip or hostname ===
+
tcpdump -i eth1 port not 22 and host 1.2.3.4
+
+
=== Raw output view ===
+
tcpdump -ttttnnvvS
+
+
=== Hex output ===
+
tcpdump -nnvXSs 0 -c1 icmp
+
+
=== Filter by source or destination
+
tcpdump src 2.3.4.5
+
tcpdump dst 3.4.5.6
−
tcpdump
-i eth1 -s 1500 port not 22 and port not 53
+
=== Filter by net ===
+
tcpdump
net 1.2.3.0/24
−
You can also use ip or hostname:
+
=== Filter by port ===
+
tcpdump port 3389
+
tcpdump src port 3389
−
tcpdump
-i eth1 port not 22 and host 1.2.3.4
+
=== Filter by protocol ===
+
tcpdump
icmp
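Review bot: the added heading `=== Filter by source or destination` is missing its closing `===`, so MediaWiki will show it as literal text instead of a level-3 heading like the other sections added here; it should read `=== Filter by source or destination ===`. The examples added from "Raw output view" onward also drop the `-i eth1` that the earlier examples carry, so they capture on whichever interface tcpdump selects by default; either keep the interface in each command or state that it is omitted on purpose. The "Filter by port" section gives `src port 3389` but no `dst port` counterpart, while the host section just above shows both `src` and `dst`.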
Rafahsolis (Bureaucrats, Administrators; 2,306 edits)