TCPDump: Difference between revisions

m (Protected "TCPDump" ([Edit=Allow only logged in users] (indefinite) [Move=Allow only logged in users] (indefinite) [Delete=Allow only logged in users] (indefinite)))
Line 137: Line 137:
|}
|}


====Command Line Options====
===Command Line Options===


-A Print frame payload in ASCII
-A Print frame payload in ASCII
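Review bot: The "Command Line Options" heading is now level 3 and written without spaces inside the markers ("===Command Line Options==="), while the heading added further down in this same revision is "=== Advanced Packet Filtering ===" with spaces. Pick one spacing style for both. Also confirm that promoting this heading from level 4 to level 3 is intended, since it changes where the option list sits in the page outline.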
Line 161: Line 161:
-y <type> Specify the data link type
-y <type> Specify the data link type
<br />
<br />

=== Advanced Packet Filtering ===

List interesting traffic from all the PCAP files:
<pre style="width: 2000px; overflow-x: scroll;">
for i in `find . -type f | egrep "All.pcap"`; do echo $i; tcpdump -r $i '((host 1.1.1.1 or host 2.2.2.2) and host 3.3.3.3) and port 445' ; echo -e "\n"; done
</pre>
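Review bot: In the loop added under "Advanced Packet Filtering", $i is unquoted and the file list comes from a backtick substitution, so a capture path containing whitespace is split into several words and tcpdump -r receives the wrong argument. Quote it as "$i", or drop the loop in favour of find . -type f -name '*All.pcap' -exec tcpdump -nn -r {} '...' \; which passes each path intact. The egrep "All.pcap" pattern also has an unescaped dot and no end anchor, so it matches names such as AllXpcap or All.pcap.bak; use 'All\.pcap$' if the grep form is kept. The tcpdump call has no -n or -nn, so every address in the capture is looked up in DNS while reading, which is slow on large files and sends the addresses under review to the resolver. Finally, the text should say that 1.1.1.1, 2.2.2.2 and 3.3.3.3 are placeholders to replace with the hosts of interest, and what the filter selects: port 445 traffic between 3.3.3.3 and either of the other two hosts.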