Tcpdump



tcpdump
Trace network traffic; all packets sent are reported to standard output (the terminal).
-w <filename> -C 10
Dump raw packet data to <filename>; start a new file after 10 million bytes (10,000,000, not 10 MiB) have been written.
-r <filename> -tttt -X
Read packets from <filename>, print timestamps as absolute date and time, and dump each packet's contents in hex and ASCII.
-n port 53 and ip6 and host <address>
Do not look up host or port names; select only packets on port 53 that are IPv6 and involve the specified host <address>.

The Flags field in the output uses the following codes:

S (SYN)
F (FIN)
P (PUSH)
R (RST)
U (URG)
W (ECN CWR)
E (ECN-Echo)
. (ACK)
none if no flags are set
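The flag codes above, as an added example that is not part of this wiki page: a small Python parser for `tcpdump -n` text output that decodes the Flags field and counts SYNs that never got a SYN-ACK or RST back, which is what a half-open scan or a blackholed service looks like in a capture. The sample lines are constructed (documentation address ranges), and the line format assumed is tcpdump's default TCP summary line.

```python
import re
from collections import Counter

# tcpdump's one-letter TCP flag codes, as listed on this page
FLAG_NAMES = {"S": "SYN", "F": "FIN", "P": "PUSH", "R": "RST",
              "U": "URG", "W": "ECN CWR", "E": "ECN-Echo", ".": "ACK"}
# Start of a TCP line from `tcpdump -n` (IPv4 prints "IP", IPv6 prints "IP6")
LINE_RE = re.compile(
    r"^(?P<ts>\S+) IP6? (?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]*)\]")

# Constructed sample of tcpdump -n output (documentation addresses, not a real capture)
SAMPLE = """\
15:23:01.000001 IP 192.0.2.10.40000 > 192.0.2.20.80: Flags [S], seq 1, win 64240, length 0
15:23:01.000200 IP 192.0.2.20.80 > 192.0.2.10.40000: Flags [S.], seq 9, ack 2, win 65535, length 0
15:23:01.000300 IP 192.0.2.10.40000 > 192.0.2.20.80: Flags [.], ack 10, win 64240, length 0
15:23:01.000400 IP 192.0.2.10.40000 > 192.0.2.20.80: Flags [P.], seq 2:80, ack 10, win 64240, length 78
15:23:02.000001 IP 198.51.100.7.51000 > 192.0.2.20.22: Flags [S], seq 5, win 1024, length 0
15:23:02.000002 IP 198.51.100.7.51001 > 192.0.2.20.23: Flags [S], seq 5, win 1024, length 0
15:23:02.000100 IP 192.0.2.20.23 > 198.51.100.7.51001: Flags [R.], seq 0, ack 6, win 0, length 0
15:23:03.000001 IP6 2001:db8::1.40000 > 2001:db8::53.53: Flags [S], seq 7, win 64800, length 0
15:23:03.000050 IP6 2001:db8::53.53 > 2001:db8::1.40000: Flags [S.], seq 3, ack 8, win 64800, length 0
15:23:03.100000 IP 192.0.2.10.5353 > 192.0.2.53.53: 12345+ A? example.com. (29)
"""

def decode_flags(code):
    """Turn tcpdump's flag letters (e.g. 'S.') into names; 'none' means no flags set."""
    if code == "none":
        return []
    return [FLAG_NAMES.get(c, c) for c in code]  # unknown letters pass through unchanged

def parse_line(line):
    """Return ts/src/dst/flags for a TCP line, or None for non-TCP lines (e.g. UDP DNS)."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {"ts": m["ts"], "src": m["src"], "dst": m["dst"],
            "flags": decode_flags(m["flags"])}

def unanswered_syns(lines):
    """Count SYNs per (src, dst) that got neither a SYN-ACK nor a RST back."""
    syns, answered = Counter(), set()
    for pkt in filter(None, map(parse_line, lines)):
        flags = set(pkt["flags"])
        if flags == {"SYN"}:
            syns[(pkt["src"], pkt["dst"])] += 1
        elif flags == {"SYN", "ACK"} or "RST" in flags:
            answered.add((pkt["dst"], pkt["src"]))  # it is a reply, so reverse the pair
    return {pair: n for pair, n in syns.items() if pair not in answered}
```

Feed it the text of `tcpdump -n` (or `tcpdump -n -r <filename>`) line by line; on the sample only the SYN to port 22 remains unanswered, since the port 23 SYN was refused with RST and the others completed their handshake.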