Here is a way to dump all tcp traffic on port 80 to and from the bond0 interface:
tcpdump -w tcpdumpPort80.pcap -i bond0 tcp port 80
If you wanted to use only the eth0 interface (more common), use this example:
tcpdump -w tcpdumpPort80.pcap -i eth0 tcp port 80
No comments:
Post a Comment