Tcpdump rules !

Tcpdump is clearly one of my favorite tools. Here is a little example that filters the traffic of my OSPF router.

tcpdump -i eth0 'ip[9] == 89'

And the result:

12:43:48.219432 IP p2b.soif.fr > OSPF-ALL.MCAST.NET: OSPFv2, Hello (1), length: 48
12:43:48.560817 IP wrt.soif.fr > OSPF-ALL.MCAST.NET: OSPFv2, Hello (1), length: 48

Wonderful, no? :)
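What `ip[9] == 89` tests, as an added Python example that is not part of the original post: byte 9 of the IPv4 header is the Protocol field, and 89 is the protocol number for OSPF. The packets, addresses and function names below are constructed for illustration.

```python
import struct

OSPF_PROTO = 89  # IP protocol number for OSPF, the 89 in the filter
OSPF_TYPES = {1: "Hello", 2: "DB Description", 3: "LS-Request",
              4: "LS-Update", 5: "LS-Ack"}

def matches_filter(pkt: bytes) -> bool:
    """Same test as 'ip[9] == 89': byte 9 of the IPv4 header is the Protocol field."""
    # Assumption: the version-nibble check stands in for libpcap's link-layer IPv4 check.
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return False
    return pkt[9] == OSPF_PROTO

def describe(pkt: bytes):
    """Return a summary in the style of the capture above, or None if filtered out."""
    if not matches_filter(pkt):
        return None
    ihl = (pkt[0] & 0x0F) * 4  # header length; more than 20 when IP options are present
    if ihl < 20 or len(pkt) < ihl + 4:
        return None  # truncated or malformed header
    version, ptype, length = struct.unpack_from("!BBH", pkt, ihl)
    return f"OSPFv{version}, {OSPF_TYPES.get(ptype, 'unknown')} ({ptype}), length: {length}"

def build_ipv4(proto: int, payload: bytes, options: bytes = b"") -> bytes:
    """Constructed test packet (checksum left at 0, source address is a placeholder)."""
    ihl_words = 5 + len(options) // 4
    total = ihl_words * 4 + len(payload)
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl_words, 0, total, 0, 0,
                      1, proto, 0, bytes([192, 0, 2, 1]), bytes([224, 0, 0, 5]))
    return hdr + options + payload

# Constructed samples: a 48-byte OSPFv2 Hello (body zeroed) and a TCP segment.
OSPF_HELLO = struct.pack("!BBH", 2, 1, 48) + bytes(44)
HELLO = build_ipv4(OSPF_PROTO, OSPF_HELLO)
HELLO_WITH_OPTIONS = build_ipv4(OSPF_PROTO, OSPF_HELLO, options=bytes(4))
TCP_SEGMENT = build_ipv4(6, bytes(20))

if __name__ == "__main__":
    for name, pkt in [("hello", HELLO), ("hello+options", HELLO_WITH_OPTIONS),
                      ("tcp", TCP_SEGMENT)]:
        print(name, "->", describe(pkt))
```

The offset in `ip[9]` counts from the start of the IP header, so the match is unaffected by IP options; only the position of the OSPF header behind it moves.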




5 thoughts on “Tcpdump rules !”

  1. Yes, TCPWatch is a great tool too. I used it to debug an HTTP server a couple of times, and this is an incredible feature.

    – Enjoy Networking ?

  2. Do you have any idea what the libpcap filter syntax should be in case we want to capture OSPFv3 packets?

  3. Hi Dipankar, I know your question is more than one year old, but here is the answer:

    sudo tcpdump -i eth0 proto ospf

    This captures OSPFv3 traffic too.
