Revision as of 13:20, 13 July 2017 (view source) Amanjosan2008 (talk \| contribs) m (Protected "TCPDump" ([Edit=Allow only logged in users] (indefinite) [Move=Allow only logged in users] (indefinite) [Delete=Allow only logged in users] (indefinite))) ← Older edit		Revision as of 02:13, 14 July 2017 (view source) Amanjosan2008 (talk \| contribs) (→‎Command Line Options) Newer edit →
Line 137: \|} ====Command Line Options==== -A Print frame payload in ASCII Line 161: -y <type> Specify the data link type <br /> === Advanced Packet Filtering === List interesting traffic from all the PCAP files: <pre style="width: 2000px; overflow-x: scroll;"> for i in `find . -type f \| egrep "All.pcap"`; do echo $i; tcpdump -r $i '((host 1.1.1.1 or host 2.2.2.2) and host 3.3.3.3) and port 445' ; echo -e "\n"; done </pre>

TCPDump: Difference between revisions

TCPDump (view source)