Packet Sniffing and Monitoring with Tshark / Wireshark

Submitted by rex on Sat, 01/09/2010 - 01:34

Capture traffic for 300 seconds, write the raw packets to output_file and exit. -a duration:300 is the autostop condition; -q suppresses the running packet counter that is otherwise shown while writing to a file. Without -i, tshark captures on the first non-loopback interface, which normally needs root or capture privileges.

tshark -a duration:300 -q -w output_file

Sniff the traffic and print the decoded packets on the screen (printing is the default when no -w is given)
tshark

Sniff 1000 packets, print them on the screen and exit
tshark -c 1000

The original commands carried -S here. In tshark of that era -S meant "decode and display packets even while writing to a file" (that option is -P in current releases); in current tshark -S takes a field-separator argument, so a bare -S makes the command fail.

I/O stats: how many frames and bytes were transferred in 60 seconds? The interval argument to io,stat is in seconds, so a single 60-second bucket is reported (use -z io,stat,10 for 10-second buckets); -q keeps the per-packet lines out of the way so only the table is printed.
tshark -a duration:60 -q -z io,stat,60

Read the saved dump file 'output_file' and print the decoded packets
tshark -r output_file

Read output_file and show only HTTP traffic (TCP port 80) to or from the IP 1.2.3.4. ip.addr matches either direction; use ip.src == 1.2.3.4 to keep only packets sent by that host.
tshark -r output_file -Y "ip.addr == 1.2.3.4 && tcp.port == 80"

-Y is the single-pass display filter in current tshark. The original used -R, which now denotes a two-pass read filter and is rejected unless -2 is also given.

Show only HTTP GET requests from output_file (string fields compare against a quoted literal; -Y replaces the -R of older tshark versions)
tshark -r output_file -Y 'http.request.method == "GET"'

Show the IP conversations in the file, i.e. which address pairs talked and how many frames and bytes went in each direction (-q suppresses the per-packet output so only the table is printed)
tshark -r output_file -q -z conv,ip
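The conv,ip table is meant for eyes, not scripts, and its byte columns changed format between releases (plain integers in older tshark, "2,340 bytes" / "520 kB" in newer ones). The script below is an added example, not from the original page: it parses a conv,ip report into records and ranks the conversations and hosts by bytes. The report text embedded in it is constructed by hand in the layout tshark prints and is not real capture data; the unit names bytes/kB/MB/GB and the column order are assumed to match current tshark output.

```python
"""Rank conversations from `tshark -r capture -q -z conv,ip` output.

Added example, not part of the original page. The sample report is
constructed, not captured. Byte cells are accepted both as plain integers
(older tshark) and in the "2,340 bytes" / "520 kB" form newer releases print
(unit names assumed: bytes, kB, MB, GB).
"""
import re
from typing import Dict, List, Tuple

# Constructed sample of `tshark -q -z conv,ip` output (not from a real capture).
SAMPLE_CONV_IP = """\
================================================================================
IPv4 Conversations
Filter:<No Filter>
                                               |       <-      | |       ->      | |     Total     |    Relative    |   Duration   |
                                               | Frames  Bytes | | Frames  Bytes | | Frames  Bytes |      Start     |              |
192.168.1.10         <-> 1.2.3.4                  412    520 kB     398   28 kB      810   548 kB      0.000000000        59.8812
192.168.1.10         <-> 192.168.1.1               20  2,340 bytes   20 1,930 bytes   40 4,270 bytes   0.125000000        58.2001
192.168.1.22         <-> 10.0.0.5                   7      560       9     4200      16      4760      3.500000000        12.0000
================================================================================
"""

_UNIT = {"bytes": 1, "kB": 1000, "MB": 1000 ** 2, "GB": 1000 ** 3}
_SIZE = r"[\d,]+(?:\.\d+)?(?:\s*(?:bytes|kB|MB|GB))?"  # one byte-count cell
_SIZE_RE = re.compile(r"^(?P<num>[\d,]+(?:\.\d+)?)(?:\s*(?P<unit>bytes|kB|MB|GB))?$")

# One data row: A <-> B, then frames/bytes for "<-", "->" and Total,
# then relative start and duration. Header and separator lines do not match.
_ROW_RE = re.compile(
    r"^(?P<a>\S+)\s+<->\s+(?P<b>\S+)\s+"
    r"(?P<f_left>\d+)\s+(?P<b_left>" + _SIZE + r")\s+"
    r"(?P<f_right>\d+)\s+(?P<b_right>" + _SIZE + r")\s+"
    r"(?P<f_tot>\d+)\s+(?P<b_tot>" + _SIZE + r")\s+"
    r"(?P<start>\d+\.\d+)\s+(?P<dur>\d+\.\d+)\s*$"
)


def parse_size(cell: str) -> int:
    """Convert a byte cell ("4760", "2,340 bytes", "520 kB") to an int."""
    m = _SIZE_RE.match(cell.strip())
    if not m:
        raise ValueError(f"unrecognised size cell: {cell!r}")
    num = float(m.group("num").replace(",", ""))
    return int(round(num * _UNIT[m.group("unit") or "bytes"]))


def parse_conv_ip(report: str) -> List[Dict]:
    """Return one record per conversation row in a conv,ip report."""
    rows = []
    for line in report.splitlines():
        m = _ROW_RE.match(line.strip())
        if not m:
            continue  # banner, header, filter and separator lines
        rows.append({
            "a": m.group("a"),
            "b": m.group("b"),
            "frames": int(m.group("f_tot")),
            "bytes": parse_size(m.group("b_tot")),
            # the "<-" block is traffic toward the left-hand address,
            # the "->" block traffic toward the right-hand address
            "bytes_to_a": parse_size(m.group("b_left")),
            "bytes_to_b": parse_size(m.group("b_right")),
            "duration": float(m.group("dur")),
        })
    return rows


def top_talkers(report: str, n: int = 5) -> List[Tuple[str, str, int]]:
    """Conversations ordered by total bytes, largest first."""
    rows = sorted(parse_conv_ip(report), key=lambda r: r["bytes"], reverse=True)
    return [(r["a"], r["b"], r["bytes"]) for r in rows[:n]]


def host_bytes(report: str) -> Dict[str, int]:
    """Total bytes per host across all conversations it took part in."""
    totals: Dict[str, int] = {}
    for r in parse_conv_ip(report):
        totals[r["a"]] = totals.get(r["a"], 0) + r["bytes"]
        totals[r["b"]] = totals.get(r["b"], 0) + r["bytes"]
    return totals


if __name__ == "__main__":
    for a, b, total in top_talkers(SAMPLE_CONV_IP):
        print(f"{a:<16} <-> {b:<16} {total:>10} bytes")
```

To use it on a real file, feed it the output of tshark -r output_file -q -z conv,ip (for example via subprocess.run) instead of the constructed sample. If a row fails to parse, the column layout of your tshark version differs from the one assumed here; compare it against _ROW_RE before trusting the totals.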

Capture SMTP traffic for 300 seconds, save it to the file smtp-network-connections and at the same time print the matching packets in real time. -P prints decoded packets even though -w is writing them to a file; -Y "smtp" restricts both what is shown and what is written. A BPF capture filter (-f "tcp port 25") filters in the kernel and is cheaper on a busy link, but it selects by port rather than by decoded protocol.
tshark -w smtp-network-connections -a duration:300 -P -Y "smtp"

The original command used -S -q -R "smtp": -S was the old name of -P, and -R is now a two-pass read filter for saved files, so -Y is the filter to use on a live capture.