I am trying to find a way to read multiple ports using tcpdump.开发者_开发知识库 Suppose I have two ports, p1 and p2, and I want to read the traffic moving through both ports simultaneously. Is there any way to do it using tcpdump or will I have to use some other tool?
Basically I am running a proxy server which is running on some port. I want to read the traffic moving through this port as well traffic moving through port 80(HTTP).
tcpdump port 80 or port 3128
or, alternatively,
tcpdump port '(80 or 443)'
if you want to filter ports based on the range then use portrange.
E.g:
tcpdump -an portrange 1-25
You can also select an interface (change -i any to -i en0 for example) and the communication protocol :
tcpdump -i any 'udp port 1812 or tcp port 1813'
精彩评论