tcpdump?

To: debian-user@lists.debian.org
Subject: tcpdump?
From: John O Laoi <brianolaoi@gmail.com>
Date: Sat, 20 Feb 2010 11:15:33 +0000
Message-id: <[🔎] 1f1816a91002200315o39f14dbdsd6376f5a3b9ec2f6@mail.gmail.com>
In-reply-to: <[🔎] SNT125-W267EB285B827ED99DFE17CDB450@phx.gbl>
References: <[🔎] SNT125-W267EB285B827ED99DFE17CDB450@phx.gbl>

> #tcpdump port 4957
> I want to obtain the payload data to see what is realy being exchanged
> between my Debian server and the outside network element . Can you please
> let me know how I can modify my command ?

Try
tcpdump  host <IP-addr-deb-server>  and  port  4957

This will grab all packets to and from the server, which are to or
from port 4957

If you want traffic in one direction only, you can use "src host" or
"dst host" instead of "host", and/or
"src port" or "dst port" instaed of "port".

You could add  -s 0   to ensure you grab entire packets regardless of
size, and -v, -vv or -vvv if you need more details on packets.


John

Reply to:

Follow-Ups:
- RE: tcpdump?
  - From: Hadi Motamedi <motamedi24@hotmail.com>

References:
- tcpdump?
  - From: Hadi Motamedi <motamedi24@hotmail.com>

Prev by Date: RE: tcpdump?
Next by Date: Re: Anyone Care to Critique my Apt Preferences? (was Re: apt-cacher as package rollback buffer)
Previous by thread: RE: tcpdump?
Next by thread: RE: tcpdump?
Index(es):
- Date
- Thread