This one time, at band camp, viswanadh raju wrote:
> Can anyone help me how to install tcpdump, run it and how to view the
> packet capture.
Install the tcpdump package from the Red Hat cds.
> Further can u help me how to capture particular kind of packets, when there
> is some packet transfer among my machines in my network in which server is a DHCP
> one.
What sort of packets do you want?
Today I wanted to check whether a firewall was blocking remote postgres
access from a certain webserver to a certain other database server, so I did
this on the webserver:
tcpdump -i eth1 -l -nn host db and dst port postgres
which listened on the eth1 device, didn't try to do any host or service
lookups in the output, and matched all packets that were destined for the
machine called db and had a destination port of 5432.
On the database server, I tried
tcpdump -i eth0 -l -nn dst port postgres
to listen on eth0 and match all packets still destined for postgres.
The manpage for tcpdump ("man tcpdump" from the command line) gives a lot
more detailed information on how to match particular types of packets.
--
[EMAIL PROTECTED] http://spacepants.org/jaq.gpg
--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
