LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page tcpdump -n question
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-04-2004, 06:29 PM   #1
Melissa22
LQ Newbie
 
Registered: Feb 2004
Location: PA
Posts: 10

Rep: Reputation: 0
Question tcpdump -n question

I've looked throughout the website and couldn't pin down an answer so here it goes~~

I am in a lab group we are working with tcpdump syntax and filters. We did the prelab, but in the book we are unable to find exact answers to two of the questions.

1. Write the syntax of a tcpdump command that captures packets containing IP datagrams between two hosts with IP addresses 10.0.1.11 and 10.0.1.12, both on interface eth1.... my guess is

tcpdump -n -i host 10.0.1.11 and 10.0.1.12

but i'm probably wrong.....and

2.. Write a tcpdump filter expression that captures packets containing TCP segments with a source or destination IP address equal to 10.0.1.12 my guess for that one is.....

tcpdump -n host 10.0.1.12 and TCP

If anyone knows please respond....
Last edited by Melissa22; 03-04-2004 at 11:29 PM.
 
Old 03-05-2004, 11:41 AM   #2
Melissa22
LQ Newbie
 
Registered: Feb 2004
Location: PA
Posts: 10

Original Poster
Rep: Reputation: 0
if anyone has any idea please reply.
 
Old 03-05-2004, 01:09 PM   #3
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 76
Have you read the man page? It doesn't look like it, since both your strings are wrong.

$ man tcpdump

provides a wealth of information. Particularly, look at the -i flag and what argument it takes. Also look into the "proto" keyword.
 
Old 03-07-2004, 08:05 PM   #4
Skunk_Face
Member
 
Registered: Jan 2004
Posts: 54

Rep: Reputation: 15
tcpdump -i host!!!!

i may be wrong here but i think when u specify the -i arguement...its searches for an interface

like so: tcpdump -i eth0
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
tcpdump / ethereal question jeffk42 Linux - Networking 2 09-22-2005 06:30 AM
tcpdump question gauge73 Linux - Newbie 2 08-09-2005 04:37 PM
tcpdump and arp question blackzone Linux - Networking 2 07-01-2004 12:25 PM
Iptables and tcpdump question cli_man Linux - Networking 1 05-11-2004 07:01 PM
tcpdump question Xris718 Linux - Networking 1 12-08-2003 11:42 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:17 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration