[tcpdump] How to use tcpdump to capture packet

1. Install tcpdump

sudo apt-get install tcpdump

2. Using the command to catch the packet.

& put the command into the background

-s capture size 10000 bytes

sudo tcpdump host 10.15.109.41 and port 5060 -s 10000 -w results/1.pcap &

Remeber the last the pid of  command to pid1.
pid1=$!

ex :

happy@happy-laptop:~/test1/good$ sudo tcpdump host 1.1.1.1 and port 5060 -s 10000 -w test.pcap &

[1] 13291

happy@happy-laptop:~/test1/good$ pid1=$!

happy@happy-laptop:~/test1/good$ echo $pid1

13291

Reference:

• Packet Capturing with TCPDUMP command in linux