tcpdump command to capture full-sized packets – LinuxByImraan

It’s often more useful to capture packets using tcpdump rather than Wireshark. For example, you might want to do a remote capture and either don’t have GUI access or don’t have Wireshark installed on the remote machine.

Older versions of tcpdump truncate packets to 68 or 96 bytes. If this is the case, use -s to capture full-sized packets:

$ tcpdump -i <interface> -s 65535 -w <file>

You will have to specify the correct interface and the name of a file to save into. In addition, you will have to terminate the capture with ^C when you believe you have captured enough packets.

tcpdump is not part of the Wireshark distribution. You can get it from http://www.tcpdump.org/ or as a standard package in most Linux distributions. For more information on tcpdump, consult your local manual page (man tcpdump).
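To check whether an existing capture file was cut short by a small snapshot length, the following added example (not part of the original post) parses a classic pcap file and counts packets whose saved length is smaller than their length on the wire. The function names and the sample capture are constructed for illustration; pcapng files are not handled.

```python
import struct
import sys

def pcap_truncation_report(data: bytes) -> dict:
    """Parse classic pcap bytes; report the snaplen and how many packets were truncated."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    magic = data[:4]
    # The magic number reveals byte order (microsecond and nanosecond variants).
    if magic in (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1"):
        endian = "<"
    elif magic in (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d"):
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    # Global header: magic, ver_major, ver_minor, thiszone, sigfigs, snaplen, linktype
    _, _, _, _, _, snaplen, linktype = struct.unpack(endian + "IHHiIII", data[:24])
    offset, total, truncated = 24, 0, 0
    while offset + 16 <= len(data):
        # Record header: ts_sec, ts_frac, incl_len (bytes saved), orig_len (bytes on the wire)
        _, _, incl_len, orig_len = struct.unpack(endian + "IIII", data[offset:offset + 16])
        offset += 16 + incl_len
        if offset > len(data):
            break  # file ends mid-record, e.g. the capture was killed while writing
        total += 1
        if incl_len < orig_len:
            truncated += 1  # payload beyond the snaplen was never written to disk
    return {"snaplen": snaplen, "linktype": linktype,
            "packets": total, "truncated": truncated}

def build_sample(snaplen: int, wire_lengths: list) -> bytes:
    """Constructed sample capture: zero-filled packets, Ethernet link type (1)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for n in wire_lengths:
        saved = min(n, snaplen)  # what a capture with this snaplen would keep
        out += struct.pack("<IIII", 0, 0, saved, n) + b"\x00" * saved
    return out

if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Reads the whole file into memory; fine for small captures.
        with open(sys.argv[1], "rb") as fh:
            print(pcap_truncation_report(fh.read()))
    else:
        print(pcap_truncation_report(build_sample(96, [60, 1514, 590])))
        print(pcap_truncation_report(build_sample(65535, [60, 1514, 590])))
```

A non-zero `truncated` count means the capture should be repeated with a larger `-s` value before any payload analysis is attempted.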
