Hi,

My server is connected to the LAN and when I run tcpdump I see few packets captured but lots of packets received by filter. How can I dump every packet received by filter?
On 14/01/2011 11:26, admin lewis wrote:
> Hi,
> My server is connected to the LAN and when I run tcpdump I see few
> packets captured but lots of packets received by filter.
> How can I dump every packet received by filter?

I use the following command to make packet captures:

tcpdump -i eth0 -s 0 -w capture.cap

It creates a file capture.cap that can be read by a packet analyzer - e.g. wireshark.

--
Best Regards,
Giles Coochey
NetSecSpec Ltd
On Fri, Jan 14, 2011 at 5:28 AM, Giles Coochey <giles at coochey.net> wrote:
>> How can I dump every packet received by filter?
>
> I use the following command to make packet captures:
>
> tcpdump -i eth0 -s 0 -w capture.cap
>
> It creates a file capture.cap that can be read by a packet analyzer - e.g.
> wireshark.

I often run a variation of the above in a screen session then disconnect. There's probably an easier way, but I do so I don't see my own traffic.
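
One way to build the kind of variation the last post mentions, as an added example that is not taken from any of the posts: it appends a BPF expression excluding the current SSH session to the tcpdump command from the thread. It assumes the login is over SSH, so sshd has set `SSH_CONNECTION`; the function names and the sample connection string are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): keep the capturing admin's own SSH
# session out of capture.cap.
# Assumption: sshd exports SSH_CONNECTION as
#   "client_ip client_port server_ip server_port"

# Print a BPF expression excluding that one TCP session, or nothing
# when there is no SSH session (console login, cron job).
own_session_filter() {
    conn="${1:-${SSH_CONNECTION:-}}"
    # Split the four space-separated fields into $1..$4 (local to the function).
    set -- $conn
    if [ "$#" -ne 4 ]; then
        return 0
    fi
    # sshd on a dual-stack socket may report IPv4 peers as ::ffff:a.b.c.d
    cip="${1#::ffff:}"
    # Both ports must appear, so the match covers both directions of the
    # session while other SSH connections are still captured.
    printf 'not (host %s and tcp port %s and tcp port %s)' "$cip" "$2" "$4"
}

# Print the full capture command: the thread's tcpdump options plus the filter.
capture_cmd() {
    iface="$1"
    outfile="$2"
    filter="$(own_session_filter "${3:-}")"
    printf 'tcpdump -i %s -s 0 -w %s' "$iface" "$outfile"
    if [ -n "$filter" ]; then
        printf " '%s'" "$filter"
    fi
    return 0
}

# Constructed sample value (documentation addresses), not from a real host.
SAMPLE_CONN='192.0.2.10 51514 192.0.2.20 22'
capture_cmd eth0 capture.cap "$SAMPLE_CONN"
echo
```

The printed command can be started inside a screen session and left running after detaching, as the last post describes.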