Questions tagged [tcpdump]

tcpdump is a CLI tool for capturing and displaying packets sent and received by network devices.

466 questions
connection is paused for long

A Redis server is running in a different network namespace. I'm trying to connect a client to the Redis server; it keeps waiting but is not getting a response, and it's been hours. Client side code: int main(){ // ***** Pipeline ***** auto…
Can I determine an EWOULDBLOCK/EAGAIN situation from a pcap/tcpdump

Is there a way I can determine if a certain message resulted in an EWOULDBLOCK/EAGAIN return code to the server which sent the packet? The server was sending messages to the client. At time 10, the server sent message 100. At time 20, the server sent…
PasanW

Where does tcpdump get the source IP from for a TCP packet?

I've been trying to come up with a solution for a routing problem (multiple interfaces connected to a single Docker container, ensuring response packets go out the right interface), and have come across an interesting observation: while using TRACE…

Identify Source / Trigger of / for Network Traffic localhost

I want to identify the application that triggers network traffic like the one below. I have disabled the ethernet and wireless cards, and denied incoming traffic in the firewall. $ sudo tcpdump -vv -e -A -i any 04:26:45.584729 in 00:00:00:00:00:00 (oui…
u20200411

OpenVPN dual install (client and server) routing problem

I have the following install: PROD net (10.88.88.0/24), OFFICE net (192.168.2.0/24). On PROD I have an OpenVPN server (vpnprod), so OFFICE can connect. On OFFICE I have an OpenVPN machine (vpnoffice) which runs both an OpenVPN server to allow external users,…
Sunny

Packets dropped somewhere between network interface and iptables when forwarded from router

I have a server configured with multiple interfaces and multiple VLANs. It works perfectly fine for all the local networks, but it drops packets forwarded through my router for some reason. And it's not even consistent. Sometimes I can get it…
Bryan Austin

Pcap (tcpdump) filter to match against local port

I'm trying to write a libpcap (tcpdump, iftop) filter that would match packets having a specific local port. That is, I'm interested in traffic that either goes out of port 12345 on the local machine or into port 12345 on the local machine. The…
intelfx

Wireshark TLS conversation for LDAPS

I am trying to troubleshoot an issue with delays in LDAPS bind operations with tcpdump/Wireshark. Here is what I get from the client side on a conversation with delays: I see the following problems: I see no ServerHello response (this happens for all…
trikelef

Trying to capture 3-way handshake in Linux

I am trying to capture the 3-way handshake using the following in Linux; it does not seem to work... sudo tcpdump "tcp[tcpflags] & (tcp-syn) !=0" -w filename.pcap -i eth0 Could someone suggest an edit to it?
Chi

Proxy service only responding on some IP addresses (others stuck on SYN_RECV)

I have a server using a proxy service (WAF etc.) which forwards packets to my server. I can see established SSL connections from all proxies in netstat -an, and the rest stuck in SYN_RECV: tcp 0 0 192.168.102.11:443 185.93.230.20:64966 …
morleyc

Duplicate ACK and TCP Retransmissions

I'm doing some scp transfers between an AIX and a Linux machine in two separate LANs (I have a VPN between them). Sometimes the connection ends well, so I get 50MB/s. In many other cases, instead, the connection starts fast and then drops until it ends…
ubu389

Why is an interface ignored by -i any with tcpdump/wireshark?

Using tcpdump and Wireshark, if I capture with -i enp1s0f0, no problem, I can see the packets. If I capture with -i any, I don't see enp1s0f0's packets. Why? Is there a NetworkManager option or something that discards that interface?
Alexis

How do I capture packets on a Linux VM in a VMware environment?

I've got a Linux server that is a VM running on ESXi 6.7. We're running into some network trouble with it, and I'm trying to use tcpdump to capture traffic on the VM itself, but I'm getting only the traffic generated by the server, and not the…

Traffic on port 80 although HTTP server is not running

G'day. Just out of curiosity I did a tcpdump port 80 on one of my remote virtual machines. I see a huge number of requests to this HTTP port, 95% going to some AWS EC2 instance. Strange thing: the web server was not under high load at all. The…
n.r.

Running tcpdump starts ssh flood

I have a runtime Linux running in a PLC. My development machine is running Ubuntu 14.04. The PLC and the development machine are connected through a five-port switch. I ssh to the PLC from my development machine to transfer the executable of a networking…
awatan