TCPDump Examples

Heyas,

I can't seem to find a decent example of how to use the tcpdump with the following parameters.

    tcpdump [ipaddress] [interface] [port]

Any assistance is welcome.

Thank you.
Asked by Zack (General IT Goto Guy)
 
Tintin commented:

    tcpdump -i eth0 port 80 src 10.1.1.1
 
simon3270 commented:
On RedHat I need

     tcpdump -i eth0 port 80 and src 10.1.1.1
 
simon3270 commented:
You can make more complex statements too:

    tcpdump -i eth0 port 80 and \( src 10.10.10.101 or dst 10.10.10.102 \)
 
Zack (General IT Goto Guy, author) commented:
Thank you for the info.
 
simon3270 commented:
Just out of interest, which OS are you doing this on?

Thanks,
Simon
 
Zack (General IT Goto Guy, author) commented:
Knoppix
 
simon3270 commented:
I think you may have accepted the wrong answer.  On Knoppix 7.2:

    knoppix@Microknoppix:~$ sudo tcpdump -i eth0 port 80 src 10.1.1.1
    tcpdump: syntax error
    knoppix@Microknoppix:~$ sudo tcpdump -i eth0 port 80 and src 10.1.1.1
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

It needs the "and".
 
Zack (General IT Goto Guy, author) commented:
It worked on the system I was on at the time; I was remotely logged into a Knoppix machine via SSH.
 
simon3270 commented:
OK, no problem.
Question has a verified solution.
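
The filter form the thread settles on (primitives joined with an explicit `and`), wrapped so it takes the arguments in the order the question asked for. This is an added example, not code from any of the posters; the function names are hypothetical, and the 15-character interface-name limit assumes Linux.

```shell
#!/bin/sh
# Added example; all function names here are hypothetical helpers.

valid_ipv4() {            # four dot-separated decimal octets, each 0-255
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1             # split on dots (input is digits and dots only)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac   # no ambiguous leading zeros
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

valid_port() {            # 1-65535, digits only
    case "$1" in
        ""|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

valid_iface() {           # assumption: Linux names, at most 15 characters
    case "$1" in
        ""|-*|*[!A-Za-z0-9._:-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

tcpdump_filter() {        # usage: tcpdump_filter IPADDRESS PORT [src|dst|host]
    dir=${3:-src}
    case "$dir" in src|dst|host) ;; *) return 1 ;; esac
    valid_ipv4 "$1" && valid_port "$2" || return 1
    # Primitives are joined with an explicit "and".
    printf 'port %s and %s %s\n' "$2" "$dir" "$1"
}

capture() {               # usage: capture IPADDRESS INTERFACE PORT
    valid_iface "$2" || { echo "bad interface: $2" >&2; return 2; }
    filter=$(tcpdump_filter "$1" "$3") || { echo "bad address or port" >&2; return 2; }
    # The filter is passed as one quoted argument, so nothing in it needs
    # backslash-escaping from the shell.
    tcpdump -n -i "$2" "$filter"
}

if [ "$#" -eq 3 ]; then capture "$@"; fi
```

Saved as a script and run with sudo, it is called as `script 10.1.1.1 eth0 80`; anything that is not a plain IPv4 address, interface name, or port number is rejected before tcpdump starts.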