Tcpdump
- tcpdump
  - Trace network traffic; all packets sent are reported to standard output (the terminal).
- -w <filename> -C 10
  - Dump raw data to <filename>; create a new file after 10 million (not 10MB) bytes are written.
- -r <filename> -tttt -X
  - Read packets from <filename>; give absolute time and all data.
- -n port 53 and ip6 and host <address>
  - Do not look up host or port names; select only packets with port 53, the IPv6 protocol and the specified host (address).
In the output, flags are reported that have the following meaning:
S (SYN),
F (FIN),
P (PUSH),
R (RST),
U (URG),
W (ECN CWR),
E (ECN-Echo),
. (ACK),
none if no flags are set...
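
The flag letters above can be decoded mechanically when reviewing saved output. The following is an added example, not part of the original page: it parses TCP lines in the text layout printed by `tcpdump -n -tttt`, expands the `Flags [...]` field, and lists connection attempts whose SYN never received a SYN+ACK or RST. The sample lines are constructed, and the function names are this example's own.

```python
import re

# Flag letters as listed on this page; tcpdump prints "none" when no flag is set.
FLAG_NAMES = {"S": "SYN", "F": "FIN", "P": "PUSH", "R": "RST", "U": "URG",
              "W": "ECN CWR", "E": "ECN-Echo", ".": "ACK"}

# TCP packet line as printed by `tcpdump -n -tttt` (IPv4 "IP" or IPv6 "IP6").
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d+) IP6? "
    r"(?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]+)\]")

# Constructed sample output (documentation addresses), not a real capture.
SAMPLE = """\
2024-05-01 10:00:00.000001 IP 192.0.2.10.51514 > 192.0.2.20.443: Flags [S], seq 1000, win 64240, length 0
2024-05-01 10:00:00.000150 IP 192.0.2.20.443 > 192.0.2.10.51514: Flags [S.], seq 2000, ack 1001, win 65160, length 0
2024-05-01 10:00:00.000200 IP 192.0.2.10.51514 > 192.0.2.20.443: Flags [.], ack 1, win 502, length 0
2024-05-01 10:00:00.000900 IP 192.0.2.10.51514 > 192.0.2.20.443: Flags [P.], seq 1:518, ack 1, win 502, length 517
2024-05-01 10:00:01.000000 IP6 2001:db8::1.40000 > 2001:db8::2.8080: Flags [S], seq 5, win 64800, length 0
2024-05-01 10:00:02.500000 IP 192.0.2.10.40001 > 192.0.2.20.53: 1234+ A? example.com. (29)
"""

def decode_flags(field):
    """Turn the text inside 'Flags [...]' into a list of flag names."""
    if field == "none":
        return []
    return [FLAG_NAMES.get(ch, "unknown:" + ch) for ch in field]

def parse_line(line):
    """Return ts/src/dst/flags for a TCP line, or None for anything else."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    return {"ts": m["ts"], "src": m["src"], "dst": m["dst"],
            "flags": decode_flags(m["flags"])}

def unanswered_syns(lines):
    """(src, dst) pairs whose bare SYN never got a SYN+ACK or RST in reply."""
    pending = set()
    for pkt in filter(None, map(parse_line, lines)):
        flags = set(pkt["flags"])
        if flags == {"SYN"}:
            pending.add((pkt["src"], pkt["dst"]))
        elif {"SYN", "ACK"} <= flags or "RST" in flags:
            pending.discard((pkt["dst"], pkt["src"]))
    return sorted(pending)

if __name__ == "__main__":
    for pair in unanswered_syns(SAMPLE.splitlines()):
        print("no reply to SYN:", *pair)
```

Non-TCP lines, such as the DNS query in the sample, carry no `Flags` field and are skipped.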