
Common tcpdump Parameters

1. Run tcpdump as administrator

sudo tcpdump -n -t -S -i enp0s3 port 80
  • -i: specify the capture interface, such as enp0s3.
  • -n: do not resolve addresses to domain names.
  • -nn: do not resolve addresses to domain names or port numbers to service names.
  • -t: do not print timestamps.
  • -S: use absolute sequence numbers. Without -S, relative sequence numbers are used.
  • -A: print packets as ASCII strings.
  • -X: print packets as both hexadecimal and ASCII strings.
  • -w: write packets to a file.
  • port: filter expression that captures only traffic on the given port, such as 80.
  • host: filter expression that captures only traffic to or from the given host.
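
What -S changes in the output, as an added example that is not part of the original page: the script below takes lines in the format printed by `tcpdump -n -t -S port 80` and rewrites the absolute sequence and acknowledgment numbers as offsets from each direction's initial sequence number, which is what tcpdump prints when -S is omitted. The sample lines are constructed, the addresses come from documentation ranges, and the function name `relativize` is hypothetical.

```python
import re

# Constructed sample of `tcpdump -n -t -S port 80` output (documentation addresses).
SAMPLE = """\
IP 192.0.2.10.51234 > 198.51.100.20.80: Flags [S], seq 1000000000, win 64240, length 0
IP 198.51.100.20.80 > 192.0.2.10.51234: Flags [S.], seq 2000000000, ack 1000000001, win 65160, length 0
IP 192.0.2.10.51234 > 198.51.100.20.80: Flags [.], ack 2000000001, win 502, length 0
IP 192.0.2.10.51234 > 198.51.100.20.80: Flags [P.], seq 1000000001:1000000076, ack 2000000001, win 502, length 75
IP 198.51.100.20.80 > 192.0.2.10.51234: Flags [.], ack 1000000076, win 509, length 0
""".splitlines()

HEAD = re.compile(r"^IP (\S+) > (\S+): Flags \[([^\]]*)\]")
SEQ = re.compile(r"\bseq (\d+)(?::(\d+))?")
ACK = re.compile(r"\back (\d+)")
MOD = 2 ** 32  # TCP sequence numbers wrap at 32 bits


def relativize(lines):
    """Rewrite absolute seq/ack values as offsets from each direction's ISN."""
    isn = {}  # (src, dst) -> initial sequence number seen in that direction's SYN
    out = []
    for line in lines:
        m = HEAD.match(line)
        if not m:
            out.append(line)  # not a TCP line in the expected format
            continue
        src, dst, flags = m.groups()
        seq = SEQ.search(line)
        if "S" in flags and seq:
            isn[(src, dst)] = int(seq.group(1))
            out.append(line)  # SYN and SYN-ACK keep their absolute numbers
            continue
        if (src, dst) in isn:  # seq values count from the sender's own ISN
            base = isn[(src, dst)]
            line = SEQ.sub(lambda s: "seq " + ":".join(
                str((int(g) - base) % MOD) for g in s.groups() if g), line)
        if (dst, src) in isn:  # ack values count from the peer's ISN
            peer = isn[(dst, src)]
            line = ACK.sub(lambda a: f"ack {(int(a.group(1)) - peer) % MOD}", line)
        out.append(line)
    return out


if __name__ == "__main__":
    print("\n".join(relativize(SAMPLE)))
```

Absolute numbers (-S) are the ones to keep when comparing a capture against another capture point or a log, because relative numbers are only meaningful within a single tcpdump run that saw the handshake.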
