Changes

1,071 bytes added ,  08:38, 9 October 2018
no edit summary
Line 1: Line 1:  +
== Options ==
 +
<nowiki>-i any : Listen on all interfaces just to see if you’re seeing any traffic.
 +
-i eth0 : Listen on the eth0 interface.
 +
-D : Show the list of available interfaces
 +
-l : Line-readable output (for viewing as you save, or sending to other commands)
 +
-A : Display output in ASCII.
 +
-n : Don’t resolve hostnames.
 +
-nn : Don’t resolve hostnames or port names.
 +
-q : Be less verbose (more quiet) with your output.
 +
-t : Give human-readable timestamp output.
 +
-tttt : Give maximally human-readable timestamp output.
 +
-X : Show the packet’s contents in both hex and ascii.
 +
-XX : Same as -X, but also shows the ethernet header.
 +
-v, -vv, -vvv : Increase the amount of packet information you get back.
 +
-c : Only get x number of packets and then stop.
 +
-s : Define the snaplength (size) of the capture in bytes. Use -s0 to get everything, unless you are intentionally capturing less.
 +
-S : Print absolute sequence numbers.
 +
-e : Get the ethernet header as well.
 +
-q : Show less protocol information.
 +
-E : Decrypt IPSEC traffic by providing an encryption key.</nowiki>
 +
 
  tcpdump -i eth1  -s 1500 port not 22
 
  tcpdump -i eth1  -s 1500 port not 22
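Review bot: The `-t` entry is incorrect. In tcpdump, `-t` suppresses the timestamp on each output line, so "-t : Give human-readable timestamp output." should say something like "-t : Don't print a timestamp on each line"; `-tttt` is the option that adds the readable date and time. `-q` is listed twice with two different descriptions ("Be less verbose (more quiet) with your output." and "Show less protocol information."); merge these into one entry. `-l` makes stdout line-buffered, which is more precise than "Line-readable output", and the `-c` and `-s` entries should show that they take an argument (for example `-c count`). The whole list sits inside a single <nowiki> span, which is likely to render as one run-on paragraph; a definition list or a <pre> block would keep one option per line. Finally, the new text recommends `-s0` while the existing example keeps `-s 1500`, which can cut off the last bytes of a full-size Ethernet frame (1514 bytes with the link-layer header); align the example with the recommendation or say why it differs.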
  
