Questions tagged [tcpdump]

tcpdump is a common packet analyzer that runs under the command line; its capture filters are written in the BPF (Berkeley Packet Filter) filter language.

tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. tcpdump relies on the underlying libpcap packet capture library.

1045 questions
0 votes, 0 answers

List destination UDP port numbers that have been visited the most

I have captured traffic which contains UDP packets. I want to find the destination UDP port numbers that have been visited more than others, using tcpdump. Edit 1: I tried the following command, but the result seems to be wrong. What is the problem with…
user3806649
0 votes, 1 answer

Increasing number of BPF devices on AIX

Does anyone know how to increase the number of BPF devices in AIX 5.2/5.3 above the supposed system default of four, i.e. running more than four tcpdump processes concurrently?
Jeff
0 votes, 2 answers

No USB bus file even after enabling usbmon in Android kernel?

I have enabled usbmon in the Linux kernel for Android on a device that already has USB host support (rooted Nexus 7, 2012, WiFi, Android version 5.0.2). After booting the new kernel, tcpdump -D shows: 1.any (Pseudo-device that captures on all…
kian
0 votes, 0 answers

Node.js spawn ssh tcpdump parameters

I need to take random tcpdump samples from a remote host. Starting tcpdump is not the problem, but closing it on the remote host is. The code below works fine. var child = spawn('ssh', [ 'a@'+b, 'tcpdump', '-w -', '-i any']); child.kill() tcpdump on remote…
J-Ape
0 votes, 1 answer

R set tcpdump output to fifo then variable or connection

How do I save the live streaming output of this command, line by line, to a variable or connection while running in a while loop? Something like: netvalue <-system("tcpdump -A -i eth0 port 80 | grep foo") while(T) { ... nvar <- netvalue +…
0 votes, 1 answer

Perl script to capture tcpdump traces on Linux

Hi, I have written a script which was working fine previously with 'snoop' commands. The script forks a child to start tcpdump. When I have to stop the dump I kill the child, but when I look at the generated pcap in Wireshark, it shows…
Muzammil
0 votes, 1 answer

Read WLAN link layer packets using tcpdump/tshark on a Raspberry Pi

I have a Raspberry Pi, a WLAN stick (Ralink Technology, Corp. RT5370) in monitor mode, and tcpdump (+tshark) installed. Now I want to read link layer packets from a WLAN wristband device that patients in a retirement home use. This device sends link…
user3354754
0 votes, 2 answers

ICMP replies seen by tcpdump but ping 100% fails

I have a virtual interface (oip1) configured which has a valid IP configuration. When I try to ping an address on the internet from oip1, I can see the ICMP echo requests/replies in tcpdump, but ping still reports 100% failure.…
Spider
0 votes, 1 answer

How to plot HTTP message sequences with tcpdump?

I want to see the HTTP message sequence, headers, bodies, etc. between localhost and the address 178.209.54.154. Now I am using the command tcpdump -s 0 -i en0 -vvv -XX -n net 178.209.54.154 and tcp port http and get something like: tcpdump: listening on en0,…
János
0 votes, 1 answer

Redirect output of editcap to tcpdump

I want to filter the first 100 packets inside a pcap file and show the result on stdout. For filtering the first 100 packets I used the command below: editcap -r test.pcap output.pcap 1-100 For showing the result and filtering packets for further purposes I want to…
omid
0 votes, 1 answer

Parallel execution of a bash for loop

I've put together a simple little bash script that iterates through 100-200+ 2GB packet captures (from daemonlogger), prompts the user for the filter to match on in tcpdump... and then compiles all of the packets from each individual capture…
dobbs
0 votes, 2 answers

Convert tcpdump output to JSON format

I am currently searching for ways to convert tcpdump output (be it a text file or a pcap file) to JSON file format. Are there any ways to do that? Does parse-pcap do the trick? Because I have some problems using parse-pcap, as shown below.…
James Yeo
0 votes, 1 answer

Troubleshoot using tcpdump

We recently ran into an issue where a Tomcat application would not perform a certain application-specific function that it used to perform in the past (basically committing a file). After days and days of troubleshooting I found that it was because…
souser
0 votes, 1 answer

What are some common uses for the tcpdump -dd option?

In reading the man pages for tcpdump, I saw that the -dd argument would output the dump as a fragment of a C file. In what situations is that useful? I take it this is to quickly include and compile the fragment in a program that will be used to…
gladiola
0 votes, 0 answers

tcpdump: can't create rx ring on packet socket

When I use tcpdump on a Linux machine, an error happens: $#/usr/sbin/tcpdump dst 183.131.XXX.XXX tcpdump: can't create rx ring on packet socket: Cannot allocate memory $#free -m total used free shared buffers …