tcpdump is a program that captures packet information for IP packets. It originally supported only TCP packets, but has since grown to decode all manner of protocols, including UDP and ICMP.

Hints

  • Capture to a file with -w, as on slower hosts you will drop information if you capture and display at the same time. When you capture to a file you also get to look at it again (and again and again).
  • Use -s0, as the default capture length does not capture enough information for many protocols.
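
To check whether a file saved with -w was cut short by the capture length, compare the captured and on-the-wire lengths stored in each record header of the classic pcap format. The script below is an added example, not part of the original page or of tcpdump; the function names and the zero-filled sample packets are constructed for illustration.

```python
import struct

# Magic numbers of the classic pcap format (microsecond / nanosecond timestamps).
MAGICS = {0xA1B2C3D4, 0xA1B23C4D}

def truncation_report(data):
    """Return the file's snaplen and how many records it cut short."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    # The magic number tells us which byte order the writer used.
    for endian in ("<", ">"):
        if struct.unpack(endian + "I", data[:4])[0] in MAGICS:
            break
    else:
        raise ValueError("not a classic pcap file")
    # Global header: magic, version major/minor, thiszone, sigfigs, snaplen, linktype.
    snaplen = struct.unpack(endian + "IHHiIII", data[:24])[5]
    packets = truncated = 0
    offset = 24
    while offset + 16 <= len(data):
        # Record header: ts_sec, ts_frac, captured length, length on the wire.
        _, _, incl_len, orig_len = struct.unpack(
            endian + "IIII", data[offset:offset + 16])
        if offset + 16 + incl_len > len(data):
            break  # file ends mid-record (capture interrupted)
        packets += 1
        if incl_len < orig_len:
            truncated += 1  # payload beyond the snaplen was never saved
        offset += 16 + incl_len
    return {"snaplen": snaplen, "packets": packets, "truncated": truncated}

def build_sample(snaplen, wire_lengths):
    """Constructed sample: little-endian pcap holding zero-filled packets."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for i, wire in enumerate(wire_lengths):
        kept = min(wire, snaplen)
        out += struct.pack("<IIII", i, 0, kept, wire) + bytes(kept)
    return out

if __name__ == "__main__":
    wire = [60, 1514, 342]  # constructed packet sizes in bytes
    # A small capture length loses data; a large one keeps every byte.
    print(truncation_report(build_sample(68, wire)))
    print(truncation_report(build_sample(262144, wire)))
```

To run it on a real capture, pass the bytes of the file written by -w to truncation_report(); any non-zero "truncated" count means the capture length was too small for that traffic.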

See also:

  • tcpdump(8)
  • Ethereal, a graphical packet capture program that can interpret tcpdump streams