capture network traffic on two different ports simultaneously
Solution 1
Problem solved it was actually very simple I should have tried it before ..
but thanks I got my idea just by looking at your answers.
I think it is the beauty of stackoverflow if we could find an exact answer , we can invent it through the discussion. ..
$ tcpdump -X -s0 protochain 50 or 51
Solution 2
I am no tcpdump expert but found this in the tcpdump manpage:
tcpdump 'gateway snup and (port ftp or ftp-data)'
So try this
tcpdump '(port ftp or ftp-data)'
Solution 3
Hi, you just need to compose two ports like this:
tcpdump -n -i $INTERFACE port 21 or port 22
where -n will get numerical address without reverse resolving (faster)
and $INTERFACE is real interface where you sniff trafic
Udit Gupta
Hello All !!! About me , I am a developer. Here Because I think mutual colloboration is the best way to learn and develope best applications.
Updated on June 04, 2022Comments
-
Udit Gupta about 2 years
I wish to capture tcpdump traffic on two different ports simultaneouly .
I tried this ..
$ tcpdump port 21 ; tcpdump port 22Althoug it worked but problem is first it will wait for traffic on port 21 and when interrupted then it will wait for port 22.
Also another problem is it will not capture the traffic on port 22 untill traffic on port 21 will be captured.
I want an order free solution means in whatever order packet arrives if they are for port 21 or 22 they should be captured .
Please help me on this !!!
EDIT :
Sorry I did not specified it before the actual command I am trying to run is this ..
$ tcpdump -X -s0 protochain 50and
$ tcpdump -X -s0 protochain 51Now I need to use 50 and 51 both simultaneously ..