Library /sys$common/syshlp/helplib.hlb  —  tcpdump  Examples
    1.$ tcpdump host sundown

      This example shows how to use the tcpdump utility to display
      all packets arriving at or departing from host sundown.

    2.$ tcpdump host sundown and ( hot or ace )

      This example shows how to use the tcpdump utility to display
      traffic between sundown and either host hot or host ace.

    3.$ tcpdump ip host ace and not helios

      This example shows how to use the tcpdump utility to display
      all IP packets between ace and any host except helios.

    4.$ tcpdump net office

      This example shows how to use the tcpdump utility to display
      all traffic between local hosts and hosts on the network
      office.

    5.$ tcpdump gateway snup and (port 21 or 20)

      This example shows how to use the tcpdump utility to display
      all FTP traffic through Internet gateway snup.

    6.$ tcpdump ip and not net localnet

      This example shows how to use the tcpdump utility to display
      traffic neither sourced from nor destined for local hosts. If
      your network is connected to one other network by a gateway,
      this command does not produce any results on your local
      network.

    7.$ tcpdump tcp[13] & 3 != 0 and not src and dst net localnet

      This example shows how to use the tcpdump utility to display
      the start and end packets (the SYN and FIN packets) of each TCP
      conversation that involves a nonlocal host.

    8.$ tcpdump gateway snup and ip[2:2] > 576

      This example shows how to use the tcpdump utility to display IP
      packets longer than 576 bytes sent through gateway snup.

    9.$ tcpdump ether[0] & 1 = 0 and ip[16] >= 224

      This example shows how to use the tcpdump utility to display
      IP broadcast or multicast packets that were not sent using
      Ethernet broadcast or multicast.

    10$ tcpdump icmp[0] != 8 and icmp[0] != 0

      This example shows how to use the tcpdump utility to display
      all ICMP packets that are not echo requests or replies (that
      is, not PING packets).

    11$ tcpdump -s 1500 -envv ip6 and udp port 521

      This example shows how to use the tcpdump utility to display
      all RIPv6 packets.

    12$ tcpdump -s 1500 -envv ip6 and ether host a:b:c:d:e:f

      This example shows how to use the tcpdump utility to display
      all IPv6 packets arriving at or departing from a host with the
      Ethernet address a:b:c:d:e:f.
Close Help