The tcpdump
command can be used to capture network traffic on a Linux system. It’s a versatile command line utility that network administrators often rely on for troubleshooting.
What you’ll come to find is that the amount of networking traffic captured on an interface can be easily overwhelming. tcmpdump
makes our job a little easier by allowing us to isolate only the traffic we’re interested in. Of course, in order to do this, you need to be familiar with the various flags and settings that go along with the command.
In this guide, you’ll see how to use tcpdump
through examples and explanations. Follow along on your own system if you want to learn to capture network traffic and master the tcpdump
command.
In this tutorial you will learn:
- How to install tcpdump on major Linux distros
- tcpdump command examples
- How to filter tcpdump traffic by port, protocol, source, and destination
- How to write tcpdump captures to file
- How to interpret tcpdump command output