
What is wrong with this tcpdump command?


I want to:

  • Intercept TCP traffic
  • Only on port 80
  • Only outgoing traffic
  • Originating from 192.168.0.101
  • Save it to verbose.txt

I have this line, but it says 'tcpdump: syntax error':

sudo tcpdump -A -ien0 -s0 -w verbose.txt src 192.168.0.101 port 80 and tcp

What is wrong?


Solution

  • As Steffen mentioned, you're missing the conjunction "and".

    To address each of your requirements you would use the following filter:

    "src 192.168.0.101 and tcp dst port 80"
    

    So fully,

    tcpdump -A -ien0 -s0 -w verbose.txt "src 192.168.0.101 and tcp dst port 80"
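What the filter in the answer tests on each packet, written out as an added Python example (not part of the original answer, and not tcpdump's own code). The frames, the peer address 203.0.113.10 and the port 51000 are constructed sample values; the matcher assumes Ethernet framing and IPv4.

```python
import socket
import struct

def make_frame(src, dst, proto, sport, dport, ip_options=b"", frag_off=0):
    """Build a constructed Ethernet + IPv4 + L4-ports frame (checksums left zero)."""
    ihl = 5 + len(ip_options) // 4
    l4 = struct.pack("!HH", sport, dport) + b"\x00" * 16
    ip = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + len(l4), 0,
                     frag_off, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    eth = b"\x00" * 12 + struct.pack("!H", 0x0800)
    return eth + ip + ip_options + l4

def matches(frame, src="192.168.0.101", dport=80):
    """Python rendering of: src 192.168.0.101 and tcp dst port 80 (IPv4 only)."""
    if len(frame) < 34 or struct.unpack_from("!H", frame, 12)[0] != 0x0800:
        return False                      # not IPv4
    if frame[14 + 12:14 + 16] != socket.inet_aton(src):
        return False                      # "src 192.168.0.101"
    if frame[14 + 9] != 6:
        return False                      # "tcp": IP protocol 6
    if struct.unpack_from("!H", frame, 14 + 6)[0] & 0x1FFF:
        return False                      # later fragment: no TCP header here
    ihl = (frame[14] & 0x0F) * 4          # header length varies with IP options
    if len(frame) < 14 + ihl + 4:
        return False
    return struct.unpack_from("!H", frame, 14 + ihl + 2)[0] == dport  # "dst port 80"

SAMPLES = {  # constructed frames, one per case worth checking
    "request":   make_frame("192.168.0.101", "203.0.113.10", 6, 51000, 80),
    "reply":     make_frame("203.0.113.10", "192.168.0.101", 6, 80, 51000),
    "local_srv": make_frame("192.168.0.101", "203.0.113.10", 6, 80, 51000),
    "udp":       make_frame("192.168.0.101", "203.0.113.10", 17, 51000, 80),
    "options":   make_frame("192.168.0.101", "203.0.113.10", 6, 51000, 80,
                            ip_options=b"\x01" * 4),
    "fragment":  make_frame("192.168.0.101", "203.0.113.10", 6, 51000, 80,
                            frag_off=185),
}

def classify():
    return {name: matches(frame) for name, frame in SAMPLES.items()}

if __name__ == "__main__":
    for name, hit in classify().items():
        print(f"{name:10} {'captured' if hit else 'dropped'}")
```

The "local_srv" frame (source port 80 on 192.168.0.101) is the case that an unqualified "port 80" would also capture and "dst port 80" excludes.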