Tcpdump

Tcpdump is a command line utility that allows you to capture and analyze network traffic going through your system. It is often used to help troubleshoot network issues.

<pre lang="bash"># Find out if tcpdump is installed
$ which tcpdump
/usr/sbin/tcpdump

# Install tcpdump
sudo yum install -y tcpdump

# Find which interface is available to you
tcpdump -D

# Capture on eth0. Use Ctrl-C to end capture.
tcpdump -i eth0

# Capture after 10 packets
tcpdump -i eth0 -c10

# Filter by port
tcpdump -i any -c10 -nn port 80

# Filter by ip address
tcpdump -i any -c10 -nn host 192.168.1.23

# Filter by source or destination ip
tcpdump -i any -c10 -nn src 192.168.1.23
tcpdump -i any -c10 -nn dst 192.168.1.23

# Filter by destination ip and port
tcpdump -i any -c5 -nn src 192.168.1.23 and port 80

# Save output to a file (binary format)
tcpdump -i any -c10 -nn -w http.pcap port 80

# Save output to a file (text format)
tcpdump -nn -r http.pcap

Here’s a good intro article about tcpdump.