-----Original Message----- Message: 5 Date: Wed, 09 Jul 2008 14:39:38 -0500 From: Kevin Martin <kevintm@xxxxxxxxxxxxx> Subject: Re: tcpdump To: For users of Fedora <fedora-list@xxxxxxxxxx> Message-ID: <487513FA.9010809@xxxxxxxxxxxxx> Content-Type: text/plain; charset=ISO-8859-1; format=flowed tony.chamberlain@xxxxxxxxx wrote: > I want to look at all the traffic coming to my web browser (192.168.5.191) > (tomcat on port 80) using tcpdump. > > If I say tcpdump port 80 > > that will get 80 coming and going. Also if I say > tcpdump dst port 80 > I will still get any traffic I have to other web sites. > > I thought tcpdump (dst port 80) and (dst host 192.168.5.191) > would work but that does not seem to get anything. I went to > 192.168.5.191/~chamberl from another machine, got my web page > but nothing in the tcp dump. > > What is the correct way to do this (all incoming to my web browser)? > Theoretically besdies 192.168.5.191 I would also like 127.0.0.1 > > > Are you listening on the correct device? I just tried: tcpdump dst port 22 and dst host 10.10.20.20 and didn't get anything but when I added the "-i <device>" that 10.10.20.20 is bound to then I got the correct information. Kevin ========== yes I tried all four of tcpdump -i eth0 tcpdump -i l0 tcpdump -i any I guess that is only 3 ;-) Still no activity. Could the port number get changed somehow? I also used both 192.168.5.191 and 127.0.0.1 for host which should be more or less the same except the 191 should be eth0 and 127 should be lo -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
