Useful tcpdump usages


Tcpdump and Netcat are two of the most useful utilities for Linux network debugging.

Some of the examples where I have found tcpdump to be extremely useful are given below. In the next post, I will cover netcat.

Look for traffic based on IP address

tcpdump host 1.2.3.4

Capture based on protocol

tcpdump udp

Capture based on interface

tcpdump -i eth1

Capture filter based on a certain port

tcpdump port 80

Capture filter based on source port or destination port

tcpdump src port 80
tcpdump dst port 80

Capture based on port range

tcpdump portrange 80-90

Display the capture in ASCII

tcpdump -A -i eth0

Capture to a file

tcpdump -w 08232010.pcap -i eth0
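
The primitives above can be joined with "and" into a single filter, and a file written with -w can be read back with -r. The script below is an added example, not part of the original post; the function names build_filter, join_and and capture_name are hypothetical, and the -n (no name resolution) and -c 100 (stop after 100 packets) options and the eth0 / 1.2.3.4 sample values are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: compose one tcpdump filter from the primitives shown above.

# Join the non-empty terms with "and".
join_and() {
    out=""
    for term in "$@"; do
        [ -n "$term" ] || continue
        if [ -z "$out" ]; then out=$term; else out="$out and $term"; fi
    done
    printf '%s\n' "$out"
}

# build_filter HOST PROTO PORTS  (pass "" to skip a term)
# PORTS is a single port ("80") or a range ("80-90").
build_filter() {
    host=$1; proto=$2; ports=$3
    h=""; p=""
    if [ -n "$host" ]; then h="host $host"; fi
    case $ports in
        "") ;;
        *[!0-9-]*) echo "bad port spec: $ports" >&2; return 1 ;;
        *-*) p="portrange $ports" ;;
        *)   p="port $ports" ;;
    esac
    join_and "$h" "$proto" "$p"
}

# Date-stamped file name in the MMDDYYYY.pcap style used above.
capture_name() {
    printf '%s.pcap\n' "$(date +%m%d%Y)"
}

# Sample values (constructed): the host, protocol and port range from the post.
IFACE=eth0
FILTER=$(build_filter 1.2.3.4 udp 80-90)
OUT=$(capture_name)
echo "capture: tcpdump -n -c 100 -i $IFACE -w $OUT '$FILTER'"
echo "review:  tcpdump -n -A -r $OUT"

# "sh script.sh run" (as root) performs the capture, then replays it in ASCII.
if [ "${1:-}" = "run" ]; then
    tcpdump -n -c 100 -i "$IFACE" -w "$OUT" "$FILTER"
    tcpdump -n -A -r "$OUT"
fi
```

Without arguments the script only prints the two commands it would run; the filter is always passed to tcpdump as one quoted argument so the shell does not split it.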