Questions tagged [tcpdump]

tcpdump is a common packet analyzer that runs under the command line, utilizing the BPF (Berkeley Packet Filter) language.

tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. tcpdump relies on the underlying libpcap packet capture library.

1045 questions
5
votes
3 answers

How to fix BPF device permissions on Mac OS to use tcpdump

I may have done something to change my device permissions because I am getting the error: "tcpdump: en0: You don't have permission to capture on that device". The TCP portion is irrelevant because I am having an issue using bpf devices. I attempted…
ZJam
5
votes
2 answers

tcpdump on monitor-mode interface - nothing captured

I've been using tcpdump (version 4.1.1) to attempt to capture wireless frames from a monitor mode interface set up by airmon-ng. I say "attempt" because so far nothing has been happening. It's very odd: tcpdump -i mon0 The above command works fine.…
jvstech
5
votes
2 answers

tcpdump only display in or out mac address, how to display both?

My OS version: CentOS Linux release 7.5.1804 (Core) My tcpdump version: tcpdump: option requires an argument -- 'V' tcpdump version 4.9.2 libpcap version 1.5.3 OpenSSL 1.0.2k-fips 26 Jan 2017 When command is tcpdump -i any -e -nn, the output is…
Gary Allen
5
votes
1 answer

Is there a way for Linux to log the reason of sending out a TCP RST packet?

Running this version of kernel 4.11.8-1.el6.elrepo.x86_64 and want to know why the TCP stack sends some RST packets, i.e. is there a Linux counterpart of the BSD net.inet.tcp.log_debug=1? Following is one of the cases where the reason is wanted. A…
Utoah
5
votes
1 answer

Rotating per packets receiving by TCPDUMP

How can I use the 'tcpdump' command to capture and save each received packet to separate files (having rotation per packet without losing any packets)?
αғsнιη
5
votes
1 answer

Add tcpdump in yocto build (Beaglebone Black)

I want to add tcpdump into the yocto build. I found that I need to add meta-networking into bblayers.conf. meta-networking is a part of meta-openembedded. Following are the steps I followed: Downloaded complete meta-openembedded: git clone…
Sandeep
5
votes
2 answers

How to read and send UDP packets on Mac OS X?

I'm trying to create a program to read, given an IP address and port (in this case on localhost), UDP packets on Mac OS X (current version 10.9.5). The only ones that gave me some useful data are tcpdump and nc (netcat), but it worked only 1…
genesisxyz
5
votes
1 answer

IncompleteRead error when submitting neo4j batch from remote server; malformed HTTP response

I've set up neo4j on server A, and I have an app running on server B which is to connect to it. If I clone the app on server A and run the unit tests, it works fine. But running them on server B, the setup runs for 30 seconds and fails with an…
philh
5
votes
1 answer

Performance and efficiency comparing between dump tools: tcpdump, tshark, dumpcap

I'm capturing tcp/udp packets through a network adapter and trying to analyze the packets to get some statistical indicators such as bandwidth rate or protocol efficiency. Anyway, I need to monitor the network traffic on a specific link (src, dst, port,…
Martian Puss
5
votes
1 answer

How to capture the packet from same machine with tcpdump on Linux?

My computer has only one network card. I have a program listening on one port. I intend to send one packet on the same machine, my program can receive the packet. I can't capture the packet by tcpdump on the machine which my program is running…
Hardy Feng
5
votes
5 answers

tcpdump option to find process initiate communication

I am using the Linux command line and when I run the following command: tcpdump -n dst host destsitename tcpdump -n dst host stackoverflow.com to see if my server as source talks to this domain, how can I find out which process doing the…
LeoSam
5
votes
2 answers

tcpdump throws PKTAP error

While running tcpdump without providing any interface tcpdump -nS, I'm getting tcpdump: cannot use data link type PKTAP error so I tried providing the Interface option in the command tcpdump -i eth0 or even eth1 then I get the following…
user3143451
5
votes
1 answer

libpcap: what is the efficiency of pcap_dispatch or pcap_next

I use libpcap to capture a lot of packets, and then process/modify these packets and send them to another host. First, I create a libpcap handler handle and set it NON-BLOCKING, and use pcap_get_selectable_fd(handle) to get a corresponding file…
misteryes
5
votes
1 answer

Using tcpdump to watch which websites are accessed on my network

I've just got my hands on a Raspberry Pi and I've set it up to act as the DNS and DHCP server on my home network. This means that all network requests go through it before they are released into the wild... Which offers me a great opportunity to…
Nick Brunt
5
votes
1 answer

Tcp delayed ack in nodejs with express

I'm doing a stress test for nginx and I use nodejs backends. I found a delay with keepalive. I removed nginx from the test and I have the same problem. I'm using: ApacheBench, Version 2.3 Node v0.8.14. Ubuntu 12.04.1 LTS Express 3.0.3 The source…
mrege