Old 03-25-2005, 08:42 AM   #1
LQ Newbie
Registered: Mar 2005
Location: Georgia
Distribution: Ubuntu / Leopard / WinXP
Posts: 23

Rep: Reputation: 15
"grep" and "tcpdump"

Hello all,

I still consider myself a fledgling Linux user, even though I run my own server box which I recently upgraded from Fedora Core 2 to Fedora Core 3. Especially after signing up on these forums, I am convinced I am still quite green behind the ears.

Hence, I would like to ask the gurus to help me out in giving me a quick-and-dirty summary on how to use the "grep" and "tcpdump" commands effectively. Security is first and foremost on my mind, as I run an Apache webserver with MySQL and PHP, in addition to multiple gaming servers, off of the FC3 box. I have it sitting behind a Linksys (BEFSR41) router.

Basically I do a lot of looking through logs and analyzing network traffic. I feel these two commands would really help me out with that (especially in troubleshooting networking or server issues), but unfortunately I don't understand exactly how these work or how they're used very well.

Yes, I'm definitely still a

Old 03-25-2005, 09:35 AM   #2
Registered: Nov 2004
Location: Lawrence, Kansas
Distribution: SuSE 10.2 Gentoo Knoppix
Posts: 63

Rep: Reputation: 15
I would... also be very interested in that.. I as well have a server that I built.. but I still have no idea what I am doing.. however I use straight up SuSE 9.2 in all of it.. I just learned what a pipe (|) is the other day.. all the code that I have used w/ grep... was told to me by someone else, without explanation of what it actually does....
Old 03-25-2005, 11:56 PM   #3
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 680
You might want to use the ethereal program. You can enter a filter expression to look at just the lines you want. This is what you would use grep for. Tcpdump saves a binary format file, so grep wouldn't work in that case. You could however redirect the console output to a file, which would be text, and use grep or sed to extract information.

If you have a tcpdump file saved, you can load it into ethereal. You can also export a text file. If you want to use grep on a text file from tcpdump or ethereal, you could use the -C n grep option to include 'n' lines of output after the match. Also consider using sed rather than grep. Sed could filter out blocks of lines you are interested in. You could also have sed save certain matches to a file, and other types of matches to another file.

If you search this site, you will find a link to a web-site that goes into how to use ethereal for analysis.
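
An added example, not part of the original posts: grep with context lines and sed writing different matches to different files, run over tcpdump's text output as described in the reply above. The capture lines are constructed (documentation addresses), and the names `web.txt`, `mysql.txt` and `capture.pcap` are hypothetical.

```bash
#!/bin/sh
# Constructed sample of tcpdump's text output; not a real capture.
# For a saved binary capture the same kind of text comes from:
#   tcpdump -nn -r capture.pcap      (capture.pcap is a placeholder name)
sample_capture() {
cat <<'EOF'
08:42:01.100001 IP 192.0.2.10.51514 > 198.51.100.5.80: Flags [S], seq 100, win 64240, length 0
08:42:01.100420 IP 198.51.100.5.80 > 192.0.2.10.51514: Flags [S.], seq 900, ack 101, win 65160, length 0
08:42:01.100650 IP 192.0.2.10.51514 > 198.51.100.5.80: Flags [.], ack 1, win 502, length 0
08:42:02.200000 IP 203.0.113.7.40022 > 198.51.100.5.3306: Flags [S], seq 5000, win 1024, length 0
08:42:02.200300 IP 198.51.100.5.3306 > 203.0.113.7.40022: Flags [R.], seq 0, ack 5001, win 0, length 0
08:42:03.300000 IP 192.0.2.10.51515 > 198.51.100.5.80: Flags [P.], seq 1:120, ack 1, win 502, length 119
EOF
}

# grep: print every packet sent TO port 3306 (the destination is the
# address followed by ':') plus the one line after it, here the reply.
# -A 1 adds one line after each match; -C 1 adds one before and one after.
mysql_attempts_with_reply() {
    sample_capture | grep -A 1 '\.3306: '
}

# sed: sort lines into separate files in one pass with the 'w' command.
# '[ :]' matches the port as source ("port >") or destination ("port:").
# $1 is an existing output directory.
split_by_service() {
    outdir=$1
    sample_capture | sed -n \
        -e "/\.80[ :]/w $outdir/web.txt" \
        -e "/\.3306[ :]/w $outdir/mysql.txt"
}

# Stand-alone run: show the outside connection attempt to MySQL and its reset.
mysql_attempts_with_reply
```

In the sample, the grep call returns the SYN from 203.0.113.7 to port 3306 and the reset that answers it, which is the kind of pairing worth checking when a database port should not be reachable from outside.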

