Skip to content

Instantly share code, notes, and snippets.

@BondAnthony

BondAnthony/tcpdump.md

Last active March 22, 2021 16:15
Show Gist options
  • Save BondAnthony/c55a6e18756f253a7389dc1317ca8a02 to your computer and use it in GitHub Desktop.
Save BondAnthony/c55a6e18756f253a7389dc1317ca8a02 to your computer and use it in GitHub Desktop.
Download ZIP
All those handy tcpdump rules
Raw
tcpdump.md

tcpdump

Capture all upd traffic being sent to destination port range 1-1023. Helps when your debugging dns traffic

sudo tcpdump -n udp dst portrange 1-1023

Capture packets being sent to a specific destination host ip.

sudo tcpdump -n dst host 192.168.10.100

Capture ICMP (ping) packets on network interface eth0.

sudo tcpdump -i eth0 icmp

Capture DNS packets for a specifc host

tcpdump src net 10.125.2.16/32 and udp port 53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment