Tuesday, January 15, 2008

Linux Tip No. 8: Tcpdump to capture traffic

Use tcpdump to capture the traffic on port 80 of interface eth0:

[root@proxy /]# /usr/sbin/tcpdump -i eth0 port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
09:17:49.575590 IP > S 583111147:583111147(0) win 5840
09:17:49.755526 IP > S 1378975104:1378975104(0) ack 583111148 win 16384
09:17:49.755592 IP > . ack 1 win 1460
09:17:49.756126 IP > P 1:248(247) ack 1 win 1460
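
The capture above is a TCP three-way handshake followed by one data segment, taken with a 96-byte capture size. The following added example (not part of the original post) parses output in this format, labels each segment, and estimates how much of each payload survives the capture size. The addresses and ports in the sample are constructed, since the post's output no longer shows them, and the 54-byte header size (Ethernet 14 + IPv4 20 + TCP 20, no options) is an assumption, so the payload figure is an upper bound.

```python
import re

# Assumption: Ethernet (14) + IPv4 (20) + TCP without options (20).
HEADER_BYTES = 54

SNAP_RE = re.compile(r"capture size (\d+) bytes")
# Older tcpdump TCP line: time IP src > dst: flags [seq:end(len)] [ack N] win N
LINE_RE = re.compile(
    r"^(?P<time>\d\d:\d\d:\d\d\.\d+) IP (?P<src>\S+) > (?P<dst>[^\s:]+): "
    r"(?P<flags>[SFPR.]+)"
    r"(?: (?P<seq>\d+):(?P<end>\d+)\((?P<len>\d+)\))?"
    r"(?: ack (?P<ack>\d+))?"
    r" win (?P<win>\d+)"
)

# Constructed sample: timestamps and sequence numbers as in the post,
# addresses and ports invented (documentation ranges).
SAMPLE = """\
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
09:17:49.575590 IP 192.0.2.10.40000 > 198.51.100.5.80: S 583111147:583111147(0) win 5840
09:17:49.755526 IP 198.51.100.5.80 > 192.0.2.10.40000: S 1378975104:1378975104(0) ack 583111148 win 16384
09:17:49.755592 IP 192.0.2.10.40000 > 198.51.100.5.80: . ack 1 win 1460
09:17:49.756126 IP 192.0.2.10.40000 > 198.51.100.5.80: P 1:248(247) ack 1 win 1460
"""

def classify(m):
    """Label a parsed segment by its flags, ack field and payload length."""
    flags, has_ack, length = m["flags"], m["ack"] is not None, int(m["len"] or 0)
    if "S" in flags:
        return "SYN-ACK" if has_ack else "SYN"
    if "R" in flags:
        return "RST"
    if "F" in flags:
        return "FIN"
    return "DATA" if length else "ACK"

def analyze(text):
    """Return (snaplen, [(kind, payload_len, payload_bytes_kept), ...])."""
    snaplen, rows = None, []
    for line in text.splitlines():
        s = SNAP_RE.search(line)
        if s:
            snaplen = int(s.group(1))
            continue
        m = LINE_RE.match(line)
        if m:
            length = int(m["len"] or 0)
            room = length if snaplen is None else max(0, snaplen - HEADER_BYTES)
            rows.append((classify(m), length, min(length, room)))
    return snaplen, rows

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

With the 96-byte capture size, at most 42 of the 247 payload bytes in the last segment are kept. Running tcpdump with `-s 0` captures whole packets instead.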


