tcpdump wireshark example

Aruba Employee

Below are some examples of tcpdump commands for capturing packets that can be opened with Wireshark or Ethereal:

To get all traffic between the AMP and any one host:

# tcpdump -s0 -w <FILEPATH> host <IP_ADDRESS> 

For all traffic on a specific port:

# tcpdump -s0 -w <FILEPATH> port <PORT_NUMBER>

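For a specific port AND a specific remote device (the filter keyword is "and"; an unquoted && would be interpreted by the shell as a command separator, not passed to tcpdump):

# tcpdump -s0 -w <FILEPATH> host <IP_ADDRESS> and port <PORT_NUMBER>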

As a specific example, if I wanted to capture all the SNMP traffic on port 161 between my AMP and a controller at, and I wanted that traffic in a Wireshark-readable file at /tmp/controller_snmp.dmp, I would do this:

# tcpdump -s0 -w /tmp/controller_snmp.dmp host <IP_ADDRESS> and port 161
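The host-and-port capture above, wrapped as an added shell example that is not part of the original article: it validates the address and port before they reach tcpdump, passes the filter as one quoted argument, and writes the capture file readable only by its owner, since -s0 stores full packets and SNMP v1/v2c community strings travel in cleartext. The function names build_filter and capture_to_file are hypothetical, and 192.0.2.10 is a constructed documentation address.

```shell
#!/bin/sh
# Added example; build_filter and capture_to_file are hypothetical helper names.

# Print a tcpdump filter for one IPv4 host and, optionally, one port.
# Anything that is not a dotted quad or a port in 1-65535 is rejected, so no
# shell metacharacters or extra filter terms can be smuggled into the command.
build_filter() {
    host=$1 port=${2:-}
    case $host in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    # Split on dots and require exactly four octets, each 0-255.
    old_ifs=$IFS; IFS=.; set -- $host; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    if [ -n "$port" ]; then
        case $port in *[!0-9]*) return 1 ;; esac
        [ ${#port} -le 5 ] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
        printf 'host %s and port %s\n' "$host" "$port"
    else
        printf 'host %s\n' "$host"
    fi
}

# capture_to_file <outfile> <host> [port]
# Runs tcpdump until interrupted (Ctrl-C) and writes a Wireshark-readable file.
capture_to_file() {
    outfile=$1
    filter=$(build_filter "$2" "${3:-}") || {
        echo "capture_to_file: invalid host or port" >&2
        return 2
    }
    # The subshell keeps the umask change local. umask 077 creates the file
    # with owner-only permissions, which matters in a shared directory like /tmp.
    # -n skips DNS lookups; "$filter" is passed as a single quoted argument.
    ( umask 077 && tcpdump -n -s0 -w "$outfile" "$filter" )
}

# Example call (constructed values):
#   capture_to_file /tmp/controller_snmp.dmp 192.0.2.10 161
```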

For more detailed information, consult the man pages for tcpdump:

# man tcpdump

A copy of Wireshark can be downloaded from:

Version history
Revision #: 1 of 1
Last update: 06-10-2014 03:05 PM