Getting Started With tcpdump
To get started with tcpdump, try the following command.

sudo tcpdump -i en0 -w trace.pcap

The elements of this command line are:

The sudo command causes tcpdump to run with privileges, which is necessary in order to capture network traffic.

The -i en0 option tells tcpdump to capture packets on the first Ethernet interface. By default, tcpdump will use the first non-loopback interface it can find (usually en0). To specify a different interface, just change en0 to the BSD name of that interface. For example, the AirPort interface is typically en1. To get a list of network interfaces and their user-visible names, run the networksetup tool with the -listallhardwareports argument.

The -w trace.pcap parameter tells tcpdump to write the packets to a file called trace.pcap.
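The interface lookup described above can be scripted. This is an added example, not part of the original page: it maps a user-visible port name to its BSD name from `networksetup -listallhardwareports` output and builds the matching tcpdump command line. The function names, the port name "Wi-Fi" and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `networksetup -listallhardwareports` output
# (not captured from a real machine; MAC addresses are documentation values).
SAMPLE_PORTS='Hardware Port: Ethernet
Device: en0
Ethernet Address: 00:00:5e:00:53:01

Hardware Port: Wi-Fi
Device: en1
Ethernet Address: 00:00:5e:00:53:02'

# device_for_port NAME
# Reads listallhardwareports-style text on stdin and prints the BSD device
# of the port whose user-visible name is exactly NAME. Returns 1 if absent.
device_for_port() {
    awk -v want="$1" '
        /^Hardware Port: / { port = substr($0, 16) }   # text after "Hardware Port: "
        /^Device: /        { if (port == want) { print substr($0, 9); found = 1; exit } }
        END                { exit (found ? 0 : 1) }
    '
}

# capture_command NAME FILE
# Prints (does not run) the tcpdump command that captures on that port
# and writes the packets to FILE. Port list is read from stdin.
capture_command() {
    dev=$(device_for_port "$1") || {
        echo "no such hardware port: $1" >&2
        return 1
    }
    printf 'sudo tcpdump -i %s -w %s\n' "$dev" "$2"
}

# Demonstration on the constructed sample. On a Mac, feed real data instead:
#   networksetup -listallhardwareports | capture_command "Wi-Fi" trace.pcap
printf '%s\n' "$SAMPLE_PORTS" | capture_command "Wi-Fi" trace.pcap
```

Printing the command instead of running it lets you confirm the interface before starting a privileged capture.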