tcpdump Command in Linux with Examples

Last Updated : 19 Jul, 2024

tcpdump is a packet sniffing and packet analysis tool that system administrators use to troubleshoot connectivity issues in Linux. It is used to capture, filter, and analyze network traffic such as TCP/IP packets going through your system. It is often used as a security tool as well. It saves the captured information in a pcap file; these pcap files can then be opened through Wireshark or through the command-line tool itself.

Installing tcpdump tool in Linux

Many operating systems have the tcpdump command pre-installed. If it is missing, install it with the following commands.

For RedHat-based Linux OS

    yum install tcpdump

For Ubuntu/Debian OS

    apt install tcpdump

Working with tcpdump command

1. To capture the packets of the current network interface

    sudo tcpdump

This will capture the packets from the current network interface, the one through which the system is connected to the internet.

2. To capture packets from a specific network interface

    sudo tcpdump -i wlo1

This command will capture the packets from the wlo1 network interface.

3. To capture a specific number of packets

    sudo tcpdump -c 4 -i wlo1

This command will capture only 4 packets from the wlo1 interface.

4. To print captured packets in ASCII format

    sudo tcpdump -A -i wlo1

This command will print the packets captured from wlo1 in ASCII.

5. To display all available interfaces

    sudo tcpdump -D

This command will display all the interfaces that are available in the system.

6. To display packets in HEX and ASCII values

    sudo tcpdump -XX -i wlo1

This command will print the packets captured from the wlo1 interface in both HEX and ASCII values.

7. To save captured packets into a file

    sudo tcpdump -w captured_packets.pcap -i wlo1

This command will write all the captured packets to a file named captured_packets.pcap.

8. To read captured packets from a file

    sudo tcpdump -r captured_packets.pcap

This command will read the captured packets from the captured_packets.pcap file.

9. To capture packets with IP addresses

    sudo tcpdump -n -i wlo1

This command will capture packets from wlo1 and show IP addresses instead of resolving them to host names.

10. To capture only TCP packets

    sudo tcpdump -i wlo1 tcp

This command will capture only TCP packets from wlo1.

Author: manav014
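Added example (not part of the original article): a minimal Python reader for the classic pcap file that tcpdump -w writes in item 7, listing only the TCP flows with numeric addresses, as the tcp filter and -n option do in items 9 and 10. The sample capture, addresses and all function names are constructed for illustration; pcapng files and non-Ethernet link types are not handled.

```python
import socket
import struct

def read_pcap(data):
    """Yield (timestamp, frame) per record of a classic pcap file (not pcapng)."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic microsecond-resolution pcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:  # 1 = LINKTYPE_ETHERNET
        raise ValueError("only Ethernet captures are handled here")
    offset = 24  # records start after the 24-byte global header
    while offset + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack(
            endian + "IIII", data[offset:offset + 16])
        frame = data[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:
            break  # truncated last record, e.g. capture was killed mid-write
        offset += 16 + incl_len
        yield ts_sec + ts_usec / 1e6, frame

def tcp_flows(data):
    """List 'src.port > dst.port' for IPv4 TCP frames, numeric like -n."""
    flows = []
    for _ts, frame in read_pcap(data):
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":  # EtherType IPv4
            continue
        l4 = 14 + (frame[14] & 0x0F) * 4  # Ethernet header + IP header length
        if frame[23] != socket.IPPROTO_TCP or len(frame) < l4 + 4:
            continue
        sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        flows.append(f"{src}.{sport} > {dst}.{dport}")
    return flows

def _frame(proto, src, dst, sport, dport):
    """Constructed Ethernet/IPv4 frame with a 20-byte L4 header, checksums zero."""
    eth = bytes.fromhex("020000000002" "020000000001" "0800")
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + struct.pack("!HH", sport, dport) + bytes(16)

def sample_pcap():
    """Constructed capture: one TCP segment and one UDP datagram."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 1)
    for f in (_frame(6, "192.0.2.10", "198.51.100.5", 51514, 443),
              _frame(17, "192.0.2.10", "192.0.2.53", 40000, 53)):
        out += struct.pack("<IIII", 1721347200, 0, len(f), len(f)) + f
    return out

print(tcp_flows(sample_pcap()))
```

To run it against a real capture, pass the bytes of captured_packets.pcap (opened in binary mode) to tcp_flows instead of sample_pcap().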