In my experience as a protocols test engineer, I have often found issues related to network connectivity, throughput loss, and protocol procedure failures that are a challenge to troubleshoot and that require verifying IE-level details. For these situations, tcpdump is a great tool. tcpdump is a command-line utility that captures live TCP/IP packets going through a network interface; the capture can also be saved to a pcap file for offline analysis in Wireshark. It is a very well-known tool for IP packet capture on Linux systems.
In this article, we’ll look at some of tcpdump’s most common features.