Hello,
I run tcpdump by using this command to review sip call issues:
screen -dm tcpdump -s0 -w/tmp/capture-Started-date +%Y%m%d-%H%M%Z.pcap -C75 udp
I noticed that the packet capture works great for my eht0 device. Some calls come in through an OpenVPN tun0 interface, and also will work on an internal interface eth1. eth0 is a card that is directly connected to the internet with a public IP. The capture ONLY has packets that are traveling through eth0, not on tun0 or eth1. Is there something I can add to that command so that it captures packets for all interfaces on the system?
Thanks!
tcpdump in CentOS6.5
-
foxyguitarman
- Posts: 13
- Joined: 2005/10/28 01:37:38
- Location: Phoenix, AZ
- Contact:
Re: tcpdump in CentOS6.5
Both tcpdump and tshark default to using first interface they come across. You can specify -i ethX to have it use a specific other interface or you can use -i any to listen on all available interfaces at the same time. It's in the man page for both commands...
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke