Questions tagged [tcpdump]

tcpdump is a common packet analyzer that runs under the command line, using the BPF (Berkeley Packet Filter) language for its capture filters.

tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. tcpdump relies on the underlying libpcap packet capture library.

1045 questions
0 votes, 1 answer

netem and tcpdump loopback interface differing ingress and egress

I have two communicating applications on the same machine: app1----->loopback------>app2. I applied some delay (100ms) to the loopback interface using netem (tc command) on an Ubuntu machine (Mint, to be more specific). So to verify, if I ping 127.0.0.1,…
0 votes, 1 answer

Android App to Google Analytics Packet Size

I installed Google Analytics library in my Android App to persist the data to Google Analytics. I'm trying to check how much information I'm sending to Google Analytics from my Android App. What is the size? If there is a tool that I need to use,…
Franz Noel • 1,820 • 2 • 23 • 50
0 votes, 1 answer

Strange entry in tcpdump info for Rsyslog Message

I have a problem with rsyslog. It works as a log collector for some devices. When I check with tcpdump I see the line below coming in: Facility user (1), Severity info (6) Msg: 1 2014-01-26T15:21:25.345+03:00 XXX_XXX-Node1 [|syslog] 15:21:37.526894…
Suner Evren • 63 • 1 • 7
0 votes, 1 answer

How to access multiple offline pcap files from a directory and capture the source IP address using C

I'm trying to make the following code access multiple .pcap files stored in a directory and capture the source IP address, after which I will have to anonymize it with the list of IP addresses from a txt file. I'm at the first step; I'm unable…
Nishaero • 7 • 4
0 votes, 1 answer

Can I use tcpdump to just get the host/domain/IP and port of a packet so it can be easily parsed by PHP?

I am trying to collect hostname/IP and port from tcpdump. I get kinda close using: -s 0 -A -q 'tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420' but it contains way too much garbage and I don't see a logical way to parse it: 18:04:26.935060 IP…
MSD • 349 • 1 • 4 • 16
0 votes, 2 answers

Recording busy network traffic with tcpdump

I have set up a system on my Raspberry Pi to record some tcpdump data. This system works under a light workload, but for some unknown reason it doesn't work under my "heavy" traffic (27 relevant packets per second). Under the last heavy traffic system…
JHAWN • 399 • 4 • 18
0 votes, 1 answer

Terminate tcpdump in script and continue executing next command

I am trying to create a script in which I have: tcpdump (options) | fgrep (options) > file After I terminate tcpdump with CTRL+C I want these commands to execute: sed (options) file | awk (options) wait rm file The first part is getting done but…
one-liner • 791 • 1 • 9 • 19
0 votes, 2 answers

HttpsURLConnection - Intermittent Connection Refused errors

I am connecting to a web service via a java application and the HttpsURLConnection implementation. I open the connection, use try with resource block to open (and close when finished) the input stream and input stream reader, and then call…
0 votes, 1 answer

Android Network traffic monitoring

Is there a native Android API to monitor network traffic and maybe restrict it? I came across TrafficStats but I don't think it provides a method to dump the packets and analyze them later or in real time. If there is no native support, then what…
Sayed Jalil Hassan • 2,535 • 7 • 30 • 42
0 votes, 1 answer

Unable to get GET information with grep in Terminal

I'm unable to get 'GET' in Terminal using grep. This code used to work on Lion but in Mavericks the GET doesn't show... sudo tcpdump -i en1 -n -s 0 -w - | grep -a -o -E "Host\:\ .*|GET\ \/.*" Any help or suggestions maybe?
Marcel • 193 • 1 • 11
0 votes, 0 answers

TCP/SMPP connection status in Java

I have developed an ESME adhering to SMPP; however, when reading the PDU length in the header (the first 4 bytes) I sometimes get an EOF exception. I read the first 4 bytes with the readInt method of the DataInputStream class. I suspect the SMPP…
sqwale • 554 • 3 • 24
0 votes, 1 answer

Command for separating/distinguishing TCP streams in a pcap file on Linux

I have a huge pcap file in which there are thousands of TCP streams. I need to separate these TCP streams and find out the packet loss for each of them. I am trying out…
Jain Rach • 4,069 • 1 • 16 • 25
0 votes, 2 answers

tcpdump incoming traffic capturing

I am using TCPDUMP-arm because I'd like to capture TCP packets arriving on my tablet. The problem is that I want to get rid of the results about the outgoing packets. When I execute: ./tcpdump-arm tcp -qt -l > /sdcard/res.txt I get results…
Philip St • 81 • 10
0 votes, 1 answer

Strange tcpdump output which contains some IP packets with no flags and an empty payload; what is the purpose of these packets?

I use tcpdump to capture packets between my client and server communications with the command tcpdump -i eth0 -v port 8113. The output contains many packets like the following: ******* IP (tos 0x0, ttl 64, id 14510, offset 0, flags [DF], proto…
George • 4,029 • 2 • 22 • 26
0 votes, 1 answer

Reordering a tcpdump file by session in Python 3

Write a program that opens a tcpdump file and reorders the dumped lines so that packets from each session are clustered together. Each session is output to its own file with a unique name generated from the IP and port addresses of that…
user1819786 • 123 • 1 • 3 • 8