Now we are going to use some tcpdump commands to capture packets:
- To capture packets from an interface, use the following code:
$ sudo tcpdump -i eth0
- To print the captured packets in ASCII values, use the following code:
$ sudo tcpdump -A -i eth0
- To capture a specific number of packets, use the following code:
$ sudo tcpdump -c 10 -i eth0
- To print the captured packets in HEX and ASCII, use the following code:
$ sudo tcpdump -XX -i eth0
- To capture and save the packets in a specific file, use the following code:
$ sudo tcpdump -w 111.pcap -i eth0
- To capture IP address packets, use the following code:
$ sudo tcpdump -n -i eth0
- To read the captured packets, use the following code:
$ sudo tcpdump -r 111.pcap
Now we are going to look at an explanation of tcpdump and the commands we are using.