Tcpdump Cheat Sheet (Basic Advanced Examples)

Updated: Feb 16

Tcpdump is a CLI tool to capture raw network packets. This is useful for various forms of network troubleshooting. This cheat sheet covers all the basic and advanced options for tcpdump.

Purpose of Tcpdump

This tool is mainly used for troubleshooting network problems. For example, if we can have a DNS query issue, we can use this command to capture all the DNS packets to check out what happened.

We can use this tool for the following purpose.

  • Troubleshoot network problems

  • Examine security problems

  • Debug protocol implementations

  • Learn network protocols

How to Run tcpdump?

We can run tcpdump in local server or remote server with an SSH session. It accepts many filters and allows us to display data about packets going in and out of an interface. We can also filter syntax which is very powerful.

When we run the tcpdump command without any options then it will capture packets of all the interfaces. We can stop or cancel the tcpdump command by typing “ctrl+c” .

Basic Packet Capturing Options In Tcpdump

Tcpdump command can be used to filter all different packets.

For more tcpdump command examples, please check here.

Advanced Logical Operators in Tcpdump

We can get more advanced tcpdump command examples from here.

Related Post:

Filtering DNS with Tcpdump

Filtering ICMP ICMPv6 Packets with Tcpdump


Join our mail group. Get a free Linux account on Cloud.

Never miss a post!

Want a free Linux account?  This account can be used to login to our cloud server and practice Linux commands.


✔ Linux Commands   ✔ Linux Skills    ✔ LinuxPerformance   ✔ Linux Interview

Some articles are from the public internet. If you find your article misused or undesired here and you don't want us to display it, please let us know and we'll remove it immediately.