Tcpdump
From Indie IT Wiki
Introduction
tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.
Easy Tutorial
http://openmaniak.com/tcpdump.php
Example Commands
tcpdump -D
tcpdump -i enp4s0 port 8094
tcpdump host www.paully.co.uk
tcpdump -w capture.log
Stop Capture After Period Of Time
/path/to/tcpdumpbinary --whatever-args-you-need & sleep 10s && pkill -HUP -f /path/to/tcpdumpbinary
This captures DNS traffic (port 53) to a log file and stops after 10 seconds:
$ /usr/sbin/tcpdump -i ens18 -w tcpdump.log port 53 & sleep 10s && pkill -HUP -f /usr/sbin/tcpdump
[1] 28538
tcpdump: listening on ens18, link-type EN10MB (Ethernet), capture size 262144 bytes
196 packets captured
200 packets received by filter
0 packets dropped by kernel
[1]+  Done                    /usr/sbin/tcpdump -i ens18 -w tcpdump.log port 53
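A safer variant of the pattern above, added here as an example and not taken from the wiki: it signals only the process it started (via $! rather than pkill -f, which would also hang up any other tcpdump whose command line matches) and, if the capture died early (bad interface, missing permissions), it passes that exit status back instead of blindly running pkill. The function name timed_capture is this example's own.

```shell
#!/bin/sh
# Added example (not from the wiki page). Run a capture command for a fixed
# number of seconds, then stop exactly that process with SIGHUP, which makes
# tcpdump flush and close its -w file and print its packet statistics.
#
# Usage: timed_capture SECONDS COMMAND [ARGS...]
# The page's capture would be:
#   timed_capture 10 /usr/sbin/tcpdump -i ens18 -w tcpdump.log port 53
#
# Return value: 0 when the capture was still running and we stopped it;
# otherwise the command's own exit status, so an early failure is visible.
timed_capture() {
    secs=$1
    shift
    "$@" &                         # start the capture in the background
    pid=$!                         # remember which process we started
    sleep "$secs"
    if kill -0 "$pid" 2>/dev/null; then
        kill -HUP "$pid"           # hang up only our own capture process
        wait "$pid" 2>/dev/null    # reap it; status is 128+1 from the signal
        return 0                   # stopped on purpose: that is success
    fi
    wait "$pid"                    # exited early: hand its exit status back
}

# Stand-in demonstration that needs no root or interface: "sleep 60" plays
# the role of tcpdump and is hung up after two seconds.
timed_capture 2 sleep 60
```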