tcpdump+wireshark

This command writes the capture to a file that Wireshark can open (-w saves the raw packets, -s 0 captures each packet in full):

tcpdump -vv -s 0 -i eth0 -w tcpdump.out tcp and port 4880

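To print packets with headers and data on the terminal instead (-A shows each packet as ASCII, -l line-buffers the output):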

tcpdump -i eth0 -s 1024 -l -A 'port 80 and host 1.2.3.4'

About tompos

Hungary, Budapest