LINUX: How To Read TCPDUMP File ("tcpdump" command)

The tcpdump -r command reads a saved tcpdump capture file:
tcpdump -r <TCPDUMP FILE>

Below is an example of the above command and its output.

tcpdump -r test-net-capture.pcap
reading from file test-server_2019-02-09-07_3A17_3A21.pcap, link-type LINUX_SLL (Linux cooked)
15:17:21.989054 IP 10.10.21.240.958 > 10.10.21.17.nfs: Flags [P.], seq 681528850:681528990, ack 544193837, win 24576, options [nop,nop,TS val 9880026 ecr 239296542], length 140: NFS request xid 2055647236 136 read fh Unknown/ZZYYXX0A00040000000000678F0000 4096 bytes @ 5436645376
15:17:21.999201 IP 10.10.21.240.958 > 10.10.21.17.nfs: Flags [P.], seq 140:280, ack 4229, win 24576, options [nop,nop,TS val 9880036 ecr 239296543], length 140: NFS request xid 2072424452 136 read fh Unknown/ZZYYXX0A00040000000000678F0000 4096 bytes @ 5436649472
15:17:22.009024 IP 10.10.21.240.958 > 10.10.21.17.nfs: Flags [P.], seq 280:420, ack 8457, win 24576, options [nop,nop,TS val 9880046 ecr
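
The "link-type" on the first output line and the per-packet timestamps and lengths come from the headers of the classic pcap file format. The Python sketch below is an added example, not part of the original article: it parses those headers and flags a record that is cut off. The capture bytes and the names parse_pcap and build_sample are constructed for illustration.

```python
import struct

# First four bytes of a classic pcap file -> (struct byte order, timestamp divisor)
MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", 1_000_000),      # little-endian, microseconds
    b"\xa1\xb2\xc3\xd4": (">", 1_000_000),      # big-endian, microseconds
    b"\x4d\x3c\xb2\xa1": ("<", 1_000_000_000),  # little-endian, nanoseconds
    b"\xa1\xb2\x3c\x4d": (">", 1_000_000_000),  # big-endian, nanoseconds
}
LINKTYPES = {1: "EN10MB (Ethernet)", 113: "LINUX_SLL (Linux cooked)"}

def parse_pcap(data):
    """Return (link-type name, snaplen, records) for classic pcap bytes."""
    if len(data) < 24 or data[:4] not in MAGICS:
        raise ValueError("not a classic pcap file (pcapng or short header?)")
    order, ts_div = MAGICS[data[:4]]
    # version major/minor, thiszone, sigfigs, snaplen, network (link type)
    _, _, _, _, snaplen, network = struct.unpack(order + "HHiIII", data[4:24])
    linktype = network & 0xFFFF  # low 16 bits hold the link type
    records, off = [], 24
    while off + 16 <= len(data):
        sec, frac, caplen, origlen = struct.unpack(order + "IIII", data[off:off + 16])
        off += 16
        # A record claiming more bytes than remain means a cut-off or corrupt file
        truncated = off + caplen > len(data)
        records.append({"ts": sec + frac / ts_div, "caplen": caplen,
                        "len": origlen, "truncated": truncated})
        if truncated:
            break  # never read past the end of the buffer
        off += caplen
    return LINKTYPES.get(linktype, f"unknown ({linktype})"), snaplen, records

def build_sample():
    """Constructed capture: LINUX_SLL header, one whole record, one cut off."""
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 113)
    pkt = bytes(16) + b"constructed"  # 16-byte cooked header + dummy payload
    rec1 = struct.pack("<IIII", 1549725441, 989054, len(pkt), len(pkt)) + pkt
    rec2 = struct.pack("<IIII", 1549725441, 999201, 140, 140) + bytes(10)
    return hdr + rec1 + rec2

if __name__ == "__main__":
    link, snaplen, recs = parse_pcap(build_sample())
    print(f"link-type {link}, snaplen {snaplen}")
    for r in recs:
        print(r)
```
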

Products to which Article Applies

All Linux Operating Systems
 

Additional Reference

https://www.tecmint.com/12-tcpdump-commands-a-network-sniffer-tool/




tarun boyella
