Network

tcpdump

Capture and analyze network traffic on an interface.

Synopsis

syntax
tcpdump [OPTION]... [EXPRESSION]

Examples

Capture all traffic on eth0
sudo tcpdump -i eth0
Capture HTTP traffic
sudo tcpdump -i any port 80 -n
Save 100 packets to file
sudo tcpdump -i eth0 -c 100 -w capture.pcap
Read pcap and show ASCII payload
tcpdump -r capture.pcap -A

Common options

FlagDescription
-iInterface to capture on
-nDon't resolve hostnames
-cCapture N packets then stop
-wWrite to pcap file
-rRead from pcap file
-vVerbose output
-APrint packet payload in ASCII

About tcpdump

The `tcpdump` command capture and analyze network traffic on an interface. Networking commands handle connectivity testing, DNS resolution, data transfer, remote access, firewall rules, and traffic analysis.

Linux is the dominant server operating system, and strong networking skills are essential for web hosting, container orchestration, security auditing, and infrastructure management. The command accepts 7 commonly used flags shown above, though the full set of options is available in the man page (`man tcpdump`).

The 4 examples on this page cover typical real-world usage patterns that you can copy and adapt for your own workflows.

Related commands

nmapssnetstatcurl

More Network Commands

Other commands in the Network category

pingtraceroutedignslookuphostipifconfignetstatsscurlView all →

Related tools

All Linux CommandsLinux Command ReferenceUnix Permissions CalculatorGitignore GeneratorRegex TestercURL Generator