I have recently formatted my machine with CentOS 7. My two interfaces are named enp3s0 and enp4s1. I have used the switch to set port mirroring on both interfaces. I have used httpry and tcpdump -i enp4s1 tcp, but they both are now working. When I run the command tcpdump -i enp4s1 -v, it shows only UDP packets. However, TCP packets are not being captured. My primary motive is to capture the websites which are browsed by the users.
I have configured enp3s0 with a static IP address. IP Address- 172.30.. Sn Mask - default Gateway and DNS for enp4s1 IP Address- 0.0.0.0 Sn Mask- Default
Bridge=br0
I have not set the bridge right now. My previous machine had this, so I have just copied it. That's it.
Can anyone please help me with capturing TCP packets?
tcpdump and httpry not capturing tcp packets
Re: tcpdump and httpry not capturing tcp packets
1) Run as root - it's not best practice, but we need to get it working.
2) Does enp4s1 have a valid, working IP address?
3) Use tcpdump -i enp4s1 -s 65535 -w <file_to_write_out_to>, for example: tcpdump -i enp4s1 -s 65535 -w /tmp/cap & then view /tmp/cap in Wireshark. Dumping to file is less "work" for tcpdump than displaying on screen.
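Added example, not part of the original posts: a small Python check for a capture file written with tcpdump -w as suggested above, counting packets per IP protocol (so a capture with UDP but no TCP is obvious) and listing Host headers from plaintext HTTP requests. The sample capture is constructed inline, the function names are hypothetical, and the sketch assumes a classic pcap file with Ethernet framing and IPv4.

```python
import struct
from collections import Counter

def build_sample_pcap():
    """Constructed sample capture: one UDP packet and one HTTP request over TCP."""
    def frame(proto, l4):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                         bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]))
        return b"\x00" * 12 + b"\x08\x00" + ip + l4   # zeroed MACs, EtherType IPv4
    http = b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x18, 8192, 0, 0) + http
    udp = struct.pack("!HHHH", 40001, 53, 8, 0)
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    for f in (frame(17, udp), frame(6, tcp)):
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f        # per-packet record header
    return out

def summarize(pcap):
    """Return (Counter of IP protocols, list of HTTP Host values) for a classic pcap."""
    magic = struct.unpack("<I", pcap[:4])[0]
    if magic == 0xA1B2C3D4:
        end = "<"                     # file written little-endian
    elif magic == 0xD4C3B2A1:
        end = ">"                     # file written big-endian
    else:
        raise ValueError("not a classic (microsecond) pcap file")
    names = {1: "icmp", 6: "tcp", 17: "udp"}
    protos, hosts, off = Counter(), [], 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        pkt = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        # VLAN-tagged (0x8100) or IPv6 frames land here; a mirror port may deliver them
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            protos["non-ipv4"] += 1
            continue
        tcp_off = 14 + (pkt[14] & 0x0F) * 4          # Ethernet header + IP header length
        protos[names.get(pkt[23], str(pkt[23]))] += 1
        if pkt[23] != 6 or len(pkt) < tcp_off + 20:
            continue
        payload = pkt[tcp_off + (pkt[tcp_off + 12] >> 4) * 4:]
        for line in payload.split(b"\r\n"):          # Host is only visible in plaintext HTTP
            if line.lower().startswith(b"host:"):
                hosts.append(line[5:].strip().decode("ascii", "replace"))
    return protos, hosts

if __name__ == "__main__":
    print(summarize(build_sample_pcap()))
```

To run it on a real capture, pass the file contents instead of the sample, for example summarize(open("/tmp/cap", "rb").read()).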