Questions tagged [tcpdump]

tcpdump is a common packet analyzer that runs on the command line and uses the BPF (Berkeley Packet Filter) language.

tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. tcpdump relies on the underlying libpcap packet capture library.

1045 questions
5 votes, 1 answer

Receiving multicast data on specific interface

tcpdump can view all the multicast traffic to specific group and port on eth2, but my Python program cannot. The Python program, running on Ubuntu 12.04: sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock.setsockopt(socket.SOL_SOCKET,…
Albeit
5 votes, 4 answers

Not able to run executable file from adb shell

I've added tcpdump binary file to my android device using this command ./adb push ~/tcpdump-4.2.1/tcpdump /data/local The binary is added to the android device successfully. But, when I try to execute the tcpdump file from the adb shell, using…
Harshal Kshatriya
5 votes, 2 answers

How can I dump only outgoing IP packets in tcpdump?

I'm dumping outgoing traffic. I only want TCP and UDP packets destined outside my LAN, nothing else. I just used the following filter with tcpdump: ip and (tcp or udp) and (not icmp) and src host myIPAddr and not dst net myNet/myNetBits and not ip…
Ricky Robinson
5 votes, 2 answers

Tshark - can't display just data of custom protocol

I have a custom protocol that runs on port 8888 (no, it's not http) and on top of TCP. I've captured the flow of packets into the PCAP file. The problem is that now I cannot display just the data portion of it. I've tried with the following…
eleanor
4 votes, 1 answer

apache server mod_expire usage

I am using Apache 2.2.20. I set the expire_mod to be "access plus 5 minutes". I check the header using some website, and I am sure that the header did have an expire directory. However, when I use a tcpdump to monitor the network traffic, I…
4 votes, 2 answers

tcpdump to filter ssl packets

I need to filter out all SSL packets using tcpdump. I know that only the first packet can be recognized as being ssl. Is it possible to match against the first packet and then filter out the rest of the SSL stream?
Pass
4 votes, 0 answers

tcpdump error "WARNING: can't get TPACKET_V2 header len on packet socket: Operation not supported"

I run docker on apple m1, in an ubuntu environment, install tcp-dump through apt-get, but tcpdump runs with an error: tcpdump: WARNING: can't get TPACKET_V2 header len on packet socket: Operation not supported Warning: Kernel filter failed: Bad file…
4 votes, 0 answers

Capturing all host network using spring boot, tcpdump and docker

I have a spring boot application. On request it executes tcpdump as shown below String cmd = "tcpdump -n host " + this.host; Process process = Runtime.getRuntime().exec(cmd); InputStream stream = process.getInputStream(); ... I wanted to dockerize…
wokstym
4 votes, 1 answer

Works with curl, fails with requests; how can I fix my requests code?

I am trying to write a python module to communicate with a fixed HTTP server on a hardware device in order to send data to it. I am able to send data correctly via curl, but for some reason it does not work correctly when I use the requests module…
Simon Rose
4 votes, 1 answer

tcpreplay does not work: client does not receive the data

In server # nc -lp 2424 hi server hi client 1 2 3 In client ➜ ~ nc 139.224.xxx.xx 2424 hi server hi client 1 2 3 Then in client ➜ ~ sudo tcpdump -i en0 -nn -s0 -v src port 2424 -c 10 -w 2424.pcap tcpdump: listening on en0, link-type EN10MB…
zhuguowei
4 votes, 1 answer

Does packet sniffing reduce internet speed?

I'm using the tcpdump command tool to sniff packets. However, I worry about my internet speed being reduced. Does a packet sniffer reduce it? If yes or no, why? If it does, is there any way to fix this problem? Can I ignore its effect on internet speed…
MAChitgarha
4 votes, 4 answers

Delete everything after 4th period in string

I'm trying to manipulate the output from tcpdump in python 2.7. What I'm trying to do is remove the port portion of the IP Address. For example if the input string is 192.168.0.50.XXXX How would I go about deleting everything after the 4th period…
Zac
4 votes, 1 answer

Configure QEMU (Guest Debian-9.0 Sparc64 - Host MacOS High Sierra) to do ssh from guest to host

Firstly, with a QEMU Virtual Machine (Debian Sparc64 Etch 4.0), I have been able successfully to get ssh and scp commands from Guest to Host (MacOS High Sierra OS 10.13.3). I wanted only to transfer files between guest and host. To get it, I have…
user1773603
4 votes, 0 answers

Capturing all HTTP POST Requests Including Body with tcpdump

I want to print all HTTP POST requests including the body of the requests in ASCII to the console with tcpdump. How can I do that?
Said Savci
4 votes, 2 answers

Extract TCP payload from pcap file

Using tcpdump, I am capturing network traffic. I am interested in extracting the actual TCP payload data, i.e. HTTP traffic in my particular case. I tried to achieve that using scapy, but I only found function remove_payload(). Is there a…
Florian