tcpdump
Dump traffic on a network. More information: <https://www.tcpdump.org>.
Install
- All systems
-
curl cmd.cat/tcpdump.sh
- Debian
-
apt-get install tcpdump - Ubuntu
-
apt-get install tcpdump -
Alpine
-
apk add tcpdump - Arch Linux
-
pacman -S tcpdump - Kali Linux
-
apt-get install tcpdump - CentOS
-
yum install tcpdump - Fedora
-
dnf install tcpdump - Windows (WSL2)
-
sudo apt-get updatesudo apt-get install tcpdump - OS X
-
brew install tcpdump - Raspbian
-
apt-get install tcpdump - Dockerfile
- dockerfile.run/tcpdump
- Docker
-
docker run cmd.cat/tcpdump tcpdumppowered by Commando
Dump traffic on a network. More information: <https://www.tcpdump.org>.
-
List available network interfaces:
tcpdump -D -
Capture the traffic of a specific interface:
tcpdump -i eth0 -
Capture all TCP traffic showing contents (ASCII) in console:
tcpdump -A tcp -
Capture the traffic from or to a host:
tcpdump host www.example.com -
Capture the traffic from a specific interface, source, destination and destination port:
tcpdump -i eth0 src 192.168.1.1 and dst 192.168.1.2 and dst port 80 -
Capture the traffic of a network:
tcpdump net 192.168.1.0/24 -
Capture all traffic except traffic over port 22 and save to a dump file:
tcpdump -w dumpfile.pcap port not 22 -
Read from a given dump file:
tcpdump -r dumpfile.pcap
© tl;dr; authors and contributors