tcpdump: Pings (ICMP Echo Request/Reply) mitschneiden

Der folgende Befehl fängt Ping-Requests/Replies (ICMP-Echo-Requests/Replies) auf eth0 ab und (dank -v werden sie dekodiert und angezeigt):

capture_icmp.sh

tcpdump -i eth0 -v 'icmp'

tcpdump -i eth0 -v 'icmp'

Beispielausgabe:

tcpdump-output.txt

13:51:16.007460 IP (tos 0x0, ttl 255, id 1522, offset 0, flags [none], proto ICMP (1), length 56)
    10.158.211.2 > 10.158.211.1: ICMP echo request, id 32000, seq 2982, length 36
13:51:16.007484 IP (tos 0x0, ttl 64, id 37357, offset 0, flags [none], proto ICMP (1), length 56)
    10.158.211.1 > 10.158.211.2: ICMP echo reply, id 32000, seq 2982, length 36

13:51:16.007460 IP (tos 0x0, ttl 255, id 1522, offset 0, flags [none], proto ICMP (1), length 56)
    10.158.211.2 > 10.158.211.1: ICMP echo request, id 32000, seq 2982, length 36
13:51:16.007484 IP (tos 0x0, ttl 64, id 37357, offset 0, flags [none], proto ICMP (1), length 56)
    10.158.211.1 > 10.158.211.2: ICMP echo reply, id 32000, seq 2982, length 36

Check out similar posts by category: Networking

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow

Buy me a coffee