ntap icon indicating copy to clipboard operation
ntap copied to clipboard
verified publisher icon botherder

A depth and breadth to the packet capture

Open plutonbacon opened this issue 10 years ago • 2 comments

Add the following flags to tcpdump:

  • nn makes it not lookup hostnames for faster and cleaner output
  • vv increases verbosity; fully decode SMB and NFS reply packets
  • X makes it print each packet in hex and ascii; useful for tracking headers
  • S makes it print absolute vs relative TCP seq numbers

plutonbacon avatar Oct 07 '15 19:10 plutonbacon

Are the printing options of any use? You're not really observing the output of the command anyway.

botherder avatar Oct 12 '15 21:10 botherder

@botherder - Fair point. Are you seeing the options (nn) and (vv) as helpful?

plutonbacon avatar Oct 13 '15 13:10 plutonbacon