This topic contains 0 replies, has 1 voice, and was last updated by Peter Jaffray 2 weeks, 2 days ago.
- 05/13/2017 at 8:47 AM #193263
Know the tcpdump command if you are going to be debugging any sort of network traffic. It will make you more proficient and faster.
See Also: Wireshark
FILTERING BY SOURCE AND DESTINATION
It’s quite easy to isolate traffic based on either source or destination using src and dst.
# tcpdump src 188.8.131.52
# tcpdump dst 184.108.40.206
FINDING PACKETS BY NETWORK
To find packets going to or from a particular network, use the net option. You can combine this with the src or dst options as well.
# tcpdump net 220.127.116.0/24
SHOW TRAFFIC RELATED TO A SPECIFIC PORT
You can find specific port traffic by using the port option followed by the port number.
# tcpdump port 3389
# tcpdump src port 1025
SHOW TRAFFIC OF ONE PROTOCOL
If you’re looking for one particular kind of traffic, you can use tcp, udp, icmp, and many others as well.
# tcpdump icmp
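The post notes that net can be combined with src or dst; every primitive it shows can likewise be joined with "and" into one expression. The following is an added example, not part of the original post: a shell helper that validates each value before building the filter, useful when addresses or ports arrive from a script or ticket rather than being typed by hand. The function name build_filter and its keys are assumptions, and the sample addresses are constructed.

```shell
#!/bin/sh
# Added example: build_filter and its keys (src, dst, net, port, sport, dport,
# proto) are hypothetical helper names, not tcpdump options.
OCTET='(25[0-5]|2[0-4][0-9]|1?[0-9]?[0-9])'
IPV4="^($OCTET\.){3}$OCTET\$"
CIDR="^($OCTET\.){3}$OCTET/(3[0-2]|[12]?[0-9])\$"

# True if $1 contains only digits, dots and slashes and matches the ERE in $2.
_match() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq "$2"
}

# True if $1 is a decimal port number in 1..65535.
_port() {
    case $1 in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print one filter expression that ANDs together every "key value" pair given.
# Returns non-zero (and prints nothing) if any key or value is rejected.
build_filter() {
    filt=""
    while [ $# -ge 2 ]; do
        key=$1 val=$2
        shift 2
        case $key in
            src|dst) _match "$val" "$IPV4" || return 1; term="$key $val" ;;
            net)     _match "$val" "$CIDR" || return 1; term="net $val" ;;
            port)    _port "$val" || return 1; term="port $val" ;;
            sport)   _port "$val" || return 1; term="src port $val" ;;
            dport)   _port "$val" || return 1; term="dst port $val" ;;
            proto)   case $val in tcp|udp|icmp) term=$val ;; *) return 1 ;; esac ;;
            *)       return 1 ;;
        esac
        filt="${filt:+$filt and }$term"
    done
    # A leftover argument means a key without a value; empty means no terms.
    [ $# -eq 0 ] && [ -n "$filt" ] && printf '%s\n' "$filt"
}

# Constructed sample (RFC 5737 documentation addresses). Typical use:
#   tcpdump -n "$(build_filter proto tcp net 192.0.2.0/24 dport 3389)"
```

Passing the result as a single quoted argument keeps the shell from reinterpreting it; tcpdump itself still rejects a net value whose host bits are set.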