====== tcpdump more======
<color #db5f0b>Feb 2021</color>
\\ 
\\ 

----
\\ 
\\ 
Here are some more great uses for tcpdump.
\\ 
\\ 
<color #00a2e8>tcpdump -i eth0 -nn -Q in</color>
\\ 
\\ 
Shows only the <color #00a2e8>'input'</color> traffic on the specified interface
\\ 
\\ 
Can also use <color #00a2e8>-Q out</color> for just <color #00a2e8>outgoing</color> traffic
\\ 

----
\\ 
<color #22b14c>tcpdump -i eth0-nn igmp</color>
\\ 
\\ 
Shows only IGMP traffic on the specified interface
\\ 
\\ 
Can be combined with <color #22b14c>-Q in/out</color>
\\ 
\\ 
<color #22b14c>tcpdump -i eth0 -nn igmp -Q in</color>
\\ 

----
\\ 
<color #ed1c24>tcpdump -i eth0 -nn -w capfile.pcap</color>
\\ 
\\ 
A simple tcpdump capture. <color #ed1c24>-w is write</color>.
\\ 
\\ 
Can be combined with <color #ed1c24>-Q in/out</color>
\\ 
\\ 
<color #ed1c24>tcpdump -i eth0 -nn -Q out -w capfile.pcap</color>
\\ 
\\ 
This captures only the ouput traffic on the interface eth0
\\ 
\\ 
----
\\ 
<color #7092be>tcpdump -i eth0 -nn port 5555</color>
\\ 
\\ 
Shows only traffic using port 5555.
\\ 
\\ 
Can be combined with <color #7092be>-Q in/out</color>
\\ 
\\ 
<color #7092be>tcpdump -i ens192 -nn -Q in port 5555</color>
\\ 
\\ 
Shows only traffic on port 5555 coming in to eth0
\\ 
\\ 

----