so running this command tcpdump -i eth0 -s 1500 -w dump host www.example.com will give me the network traffic between src host to destination host
and destination host to src host
is that correct what i understand
Thanks and Regards
Kaushal
On 5/18/07, Andy Green <andy@xxxxxxxxxxx
> wrote:
Kaushal Shriyan wrote:
> Hi
>
> I have to capture network traffic between an appliance and content server
> using tcpdump command and then dump to a file and read and decode it using
> wireshark
>
> How do i proceed
>
> I have used tcpdump -i eth0 -s 1500 -w dump src host 192.168.0.1 and dst
> host www.example.com
>
> when i read the dump capture file using wireshark i could only see packets
> being sent from src host to destination host, I could not see any packets
> being sent from destination host to src host.
You specified what you wanted too tightly... ONLY packets coming FROM
('src host') 192.168.0.1 and going TO ('dst host') www.example.com.
Just using
-i eth0 -s 1500 -w dump host www.example.com
will get you what you want: see
man tcpdump
-Andy
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
