Full Discussion: Port flow capture
Post 302943623 by otheus on Monday 11th of May 2015 07:29:16 AM
Traditionally, you must specify a device. Therefore

Code:
tcpdump -i eth0 -w /tmp/syn.pcap 'tcp[tcpflags] & (tcp-syn) != 0'

But that assumes you want it from eth0. Maybe you want it from wlan0. But maybe your system currently has no interfaces that are up. That would explain why you're not seeing any tcp packets and are resorting to tcpdump in the first place.

Also, the output will be to that file so you won't know it's working right away. Try it without -w... until you get some output.
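
The checks described in the post above (pick an interface that is actually up, then watch for output before adding -w), as an added shell example that is not part of the original post. The function names and the optional sysfs-directory argument are assumptions made for illustration; the filter and the /tmp/syn.pcap path are the ones from the post.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# Capture filter exactly as given in the post.
SYN_FILTER='tcp[tcpflags] & (tcp-syn) != 0'

# Print the first non-loopback interface whose operstate is "up".
# $1: directory laid out like /sys/class/net (optional; the parameter exists
#     so the function can be run against a constructed directory).
# Returns 1 when no interface is up, the "no packets at all" case.
first_up_iface() {
    netdir=${1:-/sys/class/net}
    for dir in "$netdir"/*; do
        [ -r "$dir/operstate" ] || continue
        name=${dir##*/}
        # Loopback reports "unknown" and is not what we want to sniff anyway.
        [ "$name" = "lo" ] && continue
        state=$(cat "$dir/operstate")
        if [ "$state" = "up" ]; then
            printf '%s\n' "$name"
            return 0
        fi
    done
    return 1
}

# Print the tcpdump command line for one of two stages:
#   check  no -w, no name resolution, stop after 5 packets, so matches
#          appear on the terminal and you can see the filter working
#   save   write matching packets to $3 (default /tmp/syn.pcap)
syn_capture_cmd() {
    stage=$1
    iface=$2
    out=${3:-/tmp/syn.pcap}
    case $stage in
        check) printf "tcpdump -n -c 5 -i %s '%s'\n" "$iface" "$SYN_FILTER" ;;
        save)  printf "tcpdump -i %s -w %s '%s'\n" "$iface" "$out" "$SYN_FILTER" ;;
        *)     return 2 ;;
    esac
}

# Usage (run the printed command as root):
#   iface=$(first_up_iface) && syn_capture_cmd check "$iface"
#   syn_capture_cmd save "$iface" /tmp/syn.pcap
```
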
 

TRACESTATS(1)                     User Commands                    TRACESTATS(1)

NAME
       tracestats - perform simple analysis on a trace

SYNOPSIS
       tracestats [ -f | --filter bpf ]... inputuri...

DESCRIPTION
       tracestats reads one or more traces and outputs summaries for each
       trace of how many packets/bytes match each bpf filter, as well as
       totals. To do this for portions of a trace rather than for the entire
       trace, use tracertstats(1) instead.

       -f bpf-filter
       --filter bpf-filter
              Add another bpf filter

EXAMPLES
       tracestats --filter 'host sundown' \
                  --filter 'port http' \
                  --filter 'port ftp or ftp-data' \
                  --filter 'port smtp' \
                  --filter 'tcp[tcpflags] & tcp-syn!=0' \
                  --filter 'not ip' \
                  --filter 'ether[0] & 1 == 1' \
                  --filter 'icmp[icmptype] == icmp-unreach' \
                  erf:/traces/trace1.gz \
                  erf:/traces/trace2.gz

LINKS
       More details about tracestats (and libtrace) can be found at
       http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation

SEE ALSO
       libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1),
       tracesplit(1), tracesplit_dir(1), tracereport(1), tracertstats(1),
       tracepktdump(1), traceanon(1), tracesummary(1), tracereplay(1),
       tracediff(1), traceends(1), tracetopends(1)

AUTHORS
       Perry Lorier <perry@cs.waikato.ac.nz>

tracestats (libtrace)               October 2005                   TRACESTATS(1)