To get pcap files for IP <ip> in <seconds> chunks with limit of maximum <files_number> files to not eat all disk space:
sudo tcpdump -W <files_number> -Z root -n -s0 -G <seconds> -i <interface> -w <some_name>.%Y-%m-%d.%H:%M:%S.pcap host <ip>
Last active
November 30, 2021 12:44
-
-
Save wooyey/b71cb0a79fa92946dc610c6e04139498 to your computer and use it in GitHub Desktop.
Tcpdump magic
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment