Sunday, August 18, 2013

tcpdump for X-Forwarded-For header

How to take tcp dump for a service that is running on port 4002

#tcpdump -vvvs 1024 -l -A -w /tmp/web-1.pcap tcp port 4002
or
Take a dump to some specific network interface on some specific port.
tcpdump -i eth0.12 -s0 -w /tmp/web-1.pcap port 4002
How to read the tcpdump
tcpdump -X -vv -r web-1.pcap
or
use wireshark

No comments:

Post a Comment