tcpdump : How to capture pings (ICMP echo request/reply)
The following command will capture ping request/replies (ICMP echo request / replies) on eth0 and (due to -v
will decode and display them):
tcpdump -i eth0 -v 'icmp'
Example output:
13:51:16.007460 IP (tos 0x0, ttl 255, id 1522, offset 0, flags [none], proto ICMP (1), length 56)
10.158.211.2 > 10.158.211.1: ICMP echo request, id 32000, seq 2982, length 36
13:51:16.007484 IP (tos 0x0, ttl 64, id 37357, offset 0, flags [none], proto ICMP (1), length 56)
10.158.211.1 > 10.158.211.2: ICMP echo reply, id 32000, seq 2982, length 36