Menu
I am trying to find a way to read multiple ports using tcpdump. Suppose I have two ports, p1 and p2, and I want to read the traffic moving through both ports simultaneously. Is there any way to do it using tcpdump or will I have to use some other tool?
Basically I am running a proxy server which is running on some port. I want to read the traffic moving through this port as well traffic moving through port 80(HTTP).
652
You can capture on all three interfaces with "tshark -i 1 -i 2 -i 3".
tcpdump allows you to specify network packets that are either using some port X as source or destination. For example, to capture DNS traffic, you can use port 53 . You could prefix the port keyword with src/dst as src port 53 or dst port 53 and filter it even further.
tcpdump port 80 or port 3128 or, alternatively,
tcpdump port '(80 or 443)' If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
