Here is a way to dump all tcp traffic on port 80 to and from the bond0 interface:
tcpdump -w tcpdumpPort80.pcap -i bond0 tcp port 80
If you wanted to use only the eth0 interface (more common), use this example:
tcpdump -w tcpdumpPort80.pcap -i eth0 tcp port 80
Showing posts with label Wireshark. Show all posts
Showing posts with label Wireshark. Show all posts
Monday, April 18, 2011
Sending files from the Linux command line
Here is a quick way to e-mail yourself files from a server using mutt.
$ mutt -a tcpdumpApril182011.pcap my_name@example.com < /dev/null
Mutt is great for sending MIME encoded files.
$ mutt -a tcpdumpApril182011.pcap my_name@example.com < /dev/null
Mutt is great for sending MIME encoded files.
Tuesday, April 7, 2009
Take a network trace on HP UX
I needed to take a trace on an HP UX server the other day. These are the commands that I used:
nettl -tn 0x30800000 -e ns_ls_ip -tracemax 99999 -f /tmp/networkTrace
Then to kill it before it got to 99999 lines, I used the command
nettl -tf -e all
Then I analyzed /tmp/networkTrace with Wireshark.
nettl -tn 0x30800000 -e ns_ls_ip -tracemax 99999 -f /tmp/networkTrace
Then to kill it before it got to 99999 lines, I used the command
nettl -tf -e all
Then I analyzed /tmp/networkTrace with Wireshark.
Subscribe to:
Posts (Atom)