tcpdump
Kevin Martin
kevintm at ameritech.net
Wed Jul 9 19:39:38 UTC 2008
tony.chamberlain at lemko.com wrote:
> I want to look at all the traffic coming to my web browser (192.168.5.191)
> (tomcat on port 80) using tcpdump.
>
> If I say tcpdump port 80
>
> that will get 80 coming and going. Also if I say
> tcpdump dst port 80
> I will still get any traffic I have to other web sites.
>
> I thought tcpdump (dst port 80) and (dst host 192.168.5.191)
> would work but that does not seem to get anything. I went to
> 192.168.5.191/~chamberl from another machine, got my web page
> but nothing in the tcp dump.
>
> What is the correct way to do this (all incoming to my web browser)?
> Theoretically besdies 192.168.5.191 I would also like 127.0.0.1
>
>
>
Are you listening on the correct device? I just tried:
tcpdump dst port 22 and dst host 10.10.20.20
and didn't get anything but when I added the "-i <device>" that
10.10.20.20 is bound to then I got the correct information.
Kevin
More information about the fedora-list
mailing list