[GLLUG] tcpdump
Charles Ulrich
charles at bityard.net
Sat Aug 13 23:04:24 EDT 2016

On 08/13/2016 10:19 PM, Chick Tower wrote:
> On 08/13/2016 05:56 PM, Martin Konrad wrote:
>> Hi Chick,
>> You can use tcpdump to save traffic into a file and analyze that data
>> with Wireshark later [1].
>
> Yeah, I saw in the man page that tcpdump can save its data to a file. I
> ran it without using that option so I could see how much data it spit
> out and what it looked like. I got nothing at all, and when I hit
> <Ctrl>-c to stop it, it said 0 of everything was captured.
>
> I forgot to mention that I'm trying to watch the modem from the PC that
> is using it. Is that my problem?

You might have to specify which interface to monitor. tcpdump and
wireshark just might default to the loopback interface (lo) if no
ethernet- or wifi-like interface was detected. On dialup I would assume
your interface is ppp0, so something like this (as root):

    tcpdump -i ppp0 -w traffic.pcap

I don't see why just capturing with wireshark wouldn't work. (Again, as
root or as a member of a privileged group.) Should just be a matter of
selecting the right interface and clicking the "start capture" icon.

Thanks,
Charles
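
Added example (not part of Charles's message): a shell helper that picks the capture interface from `tcpdump -D` output rather than relying on tcpdump's default, then runs the capture command from the message. The sample listing is constructed, the function names are hypothetical, and it assumes a tcpdump build that prints status flags in brackets after each interface name.

```shell
#!/bin/sh
# Constructed sample of `tcpdump -D` output on a dial-up host (not from the post).
SAMPLE_LIST='1.lo [Up, Running, Loopback]
2.eth0 [none]
3.ppp0 [Up, Running]
4.any (Pseudo-device that captures on all interfaces) [Up, Running]'

# pick_iface (hypothetical helper): read `tcpdump -D` lines on stdin and print
# the first interface that is Up and Running and is neither loopback nor the
# "any" pseudo-device. Exits non-zero when no such interface exists, so the
# caller can stop instead of silently capturing 0 packets.
pick_iface() {
    awk '
        $0 !~ /\[/ { next }                 # no status flags on this line
        {
            flags = $0
            sub(/^.*\[/, "", flags)         # keep only the bracketed flags
            if (flags ~ /Loopback/) next
            if (flags !~ /Up/ || flags !~ /Running/) next
            name = $1
            sub(/^[0-9]+\./, "", name)      # strip the "N." index prefix
            if (name == "any") next
            print name
            found = 1
            exit
        }
        END { exit found ? 0 : 1 }
    '
}

# capture_on_picked (hypothetical helper): run as root or as a member of a
# capture-privileged group. Not called automatically.
capture_on_picked() {
    iface=$(tcpdump -D | pick_iface) || {
        echo "no usable non-loopback interface is up" >&2
        return 1
    }
    echo "capturing on $iface" >&2
    tcpdump -i "$iface" -w traffic.pcap
}

# Offline demonstration on the constructed listing.
printf '%s\n' "$SAMPLE_LIST" | pick_iface
```
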