Packet capturing in Linux
Here are a few simple tricks for using the tcpdump command.
To view the packets quickly:
tcpdump -qnnpi eth0
To view all the packets in ASCII format:
tcpdump -Annpi eth0
To view all packets in both hex and ASCII formats:
tcpdump -Xnnpi eth0
To view packets along with their L2 (link-layer) headers:
tcpdump -eqnnpi eth0
To save the captured packets:
tcpdump -qnnpi eth0 -w capture.pcap
capture.pcap can be opened using the famous tool Wireshark.
—Prasanna, prasanna.mohanasundaram@gmail.com
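A file saved with -w can be sanity-checked before it is opened in Wireshark or handed to someone else. The following is an added example, not part of the original tip: it assumes capture.pcap is in the classic pcap layout (not pcapng), and the function names and the sample bytes are constructed for illustration.

```python
import struct

# Classic pcap magic values: microsecond and nanosecond timestamp variants.
MAGICS = {0xA1B2C3D4: "microseconds", 0xA1B23C4D: "nanoseconds"}

def summarize_pcap(data: bytes) -> dict:
    """Walk a classic pcap byte string; return header fields and record counts."""
    if len(data) < 24:
        raise ValueError("shorter than the 24-byte pcap global header")
    # The magic is stored in the writer's byte order, so try both.
    for endian in ("<", ">"):
        if struct.unpack(endian + "I", data[:4])[0] in MAGICS:
            break
    else:
        raise ValueError("not a classic pcap file")
    magic = struct.unpack(endian + "I", data[:4])[0]
    _major, _minor, _zone, _sigfigs, snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:24])
    packets = clipped = 0
    complete = True
    offset = 24
    while offset < len(data):
        # Each record: 16-byte header (ts_sec, ts_frac, incl_len, orig_len) + data.
        if offset + 16 > len(data):
            complete = False  # file ends inside a record header
            break
        incl_len, orig_len = struct.unpack(endian + "II", data[offset + 8:offset + 16])
        if offset + 16 + incl_len > len(data):
            complete = False  # file ends inside packet data
            break
        offset += 16 + incl_len
        packets += 1
        clipped += incl_len < orig_len  # packet was cut at the snapshot length
    return {"timestamps": MAGICS[magic], "snaplen": snaplen, "linktype": linktype,
            "packets": packets, "clipped": clipped, "complete": complete}

def build_sample() -> bytes:
    """Constructed two-packet capture (little-endian, linktype 1 = Ethernet)."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 1)
    whole = struct.pack("<IIII", 1700000000, 0, 60, 60) + bytes(60)
    cut = struct.pack("<IIII", 1700000001, 0, 64, 1500) + bytes(64)
    return header + whole + cut

if __name__ == "__main__":
    import sys
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    print(summarize_pcap(raw))
```

Run it with a file name to check a real capture. A result with "complete" set to False means the file ends partway through a record, for example because the capture was cut off while it was being written.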