Tcpdump: Difference between revisions

From Dave-Wiki
(Created page with "=Summary= tcpdump is a command-line packet analyzer (or packet sniffer) that allows users to capture and inspect network traffic in real time. It is commonly used for network troubleshooting, debugging, and security analysis. tcpdump works by intercepting and displaying the packets being transmitted or received over a network interface, giving users detailed information about network activity. =General= ==Common Tasks== ===Remote packet-capture from Aruba Controller=...")
 
Line 6: Line 6:


==Common Tasks==
==Common Tasks==
===Remote packet-capture from Aruba Controller===
Aruba controller sends the remote packet-capture GRE-encapsulated.
On capture server:
sudo tcpdump -ni ens224 proto gre -w capture.pcap
On Aruba controller:
packet-capture destination ip-address 128.186.255.198
packet-capture datapath ipsec
When done, don't forget to:
no packet-capture datapath ipsec
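Review bot: The cleanup step at the end of this section only reverses `packet-capture datapath ipsec`. The destination set by `packet-capture destination ip-address 128.186.255.198` stays configured on the controller, so state whether it should be cleared as well and, if so, document that step next to the `no` command. On the capture server, `proto gre` accepts GRE from any sender on ens224; restricting the filter to the controller, for example `proto gre and src host <controller-ip>`, keeps unrelated tunnel traffic out of capture.pcap. The address 128.186.255.198 and the interface ens224 are site-specific, so label them as the capture server's address and NIC to stop readers pasting them unchanged. Since the mirrored traffic comes from the IPsec datapath, a line on where capture.pcap should be stored and who may read it would also help.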

Revision as of 19:02, 21 January 2025

Summary

tcpdump is a command-line packet analyzer (or packet sniffer) that allows users to capture and inspect network traffic in real time. It is commonly used for network troubleshooting, debugging, and security analysis. tcpdump works by intercepting and displaying the packets being transmitted or received over a network interface, giving users detailed information about network activity.

General

Common Tasks