TCPDUMP Information, commands and options
tcpdump is a free command-line tool that captures network traffic and can save it to a file on a Linux machine. It's very useful for fault finding on your network and can be used with Wireshark for in-depth analysis of the network traffic.
Here are a few examples of the different options available with tcpdump. Enjoy!
tcpdump -c 500 <<>> capture 500 packets
tcpdump -c 500 vlan 100 <<>> capture 500 packets on VLAN 100
tcpdump -c 500 vlan 100 -vv <<>> capture 500 packets on VLAN 100 with even more verbose output
tcpdump -c 500 vlan 100 -vv -w test.pcap <<>> capture 500 packets on VLAN 100 with even more verbose output and write them to a file called test.pcap. This file can be opened and inspected with Wireshark.
tcpdump -vvnn -c 100 vlan 210 <<>> capture 100 verbose packets (vv) with no resolution of hostnames and port numbers (nn) on VLAN 210
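A capture written with -w, such as test.pcap above, can also be checked from a script rather than opened in Wireshark. The following is an added example, not part of the original page: it reads a classic pcap stream and counts frames per 802.1Q VLAN ID. The function names and the sample capture bytes are constructed for illustration.

```python
import io
import struct
from collections import Counter

PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<",  # little-endian, microsecond timestamps
    b"\xa1\xb2\xc3\xd4": ">",  # big-endian, microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<",  # little-endian, nanosecond timestamps
    b"\xa1\xb2\x3c\x4d": ">",  # big-endian, nanosecond timestamps
}
LINKTYPE_ETHERNET = 1
ETHERTYPE_8021Q = 0x8100

def vlan_counts(stream):
    """Return Counter {vlan_id or None: frames} for a classic pcap stream."""
    header = stream.read(24)
    if len(header) < 24 or header[:4] not in PCAP_MAGICS:
        raise ValueError("not a classic pcap file")
    endian = PCAP_MAGICS[header[:4]]
    linktype = struct.unpack(endian + "I", header[20:24])[0]
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError(f"unsupported link type {linktype}")
    counts = Counter()
    while True:
        rec = stream.read(16)
        if len(rec) < 16:
            break  # end of file (or truncated record header)
        _sec, _frac, incl_len, _orig_len = struct.unpack(endian + "IIII", rec)
        frame = stream.read(incl_len)
        if len(frame) < incl_len:
            break  # capture was cut off mid-packet
        vlan = None  # None means the frame carries no 802.1Q tag
        if len(frame) >= 16 and struct.unpack("!H", frame[12:14])[0] == ETHERTYPE_8021Q:
            vlan = struct.unpack("!H", frame[14:16])[0] & 0x0FFF  # low 12 bits of TCI
        counts[vlan] += 1
    return counts

def build_sample_pcap():
    """Constructed sample: two frames tagged VLAN 100, one untagged frame."""
    macs = b"\xff" * 6 + b"\x02\x00\x00\x00\x00\x01"
    tagged = macs + struct.pack("!HHH", ETHERTYPE_8021Q, 100, 0x0800) + b"\x00" * 46
    untagged = macs + struct.pack("!H", 0x0800) + b"\x00" * 46
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for frame in (tagged, untagged, tagged):
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    print(vlan_counts(io.BytesIO(build_sample_pcap())))
```

To check a real capture, pass open("test.pcap", "rb") to vlan_counts; any count under an unexpected VLAN ID, or under None, shows traffic the VLAN filter was not expected to let through.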
You can install tcpdump on a Raspberry Pi with the command:
sudo apt-get install tcpdump