Daniel Nyström wrote: > the packets roll by to fast.. or to specify.. it logs all packets but > I'm only interested in a few of them. How do I limit the output > so that only.. lets say.. UDP packets coming from 192.168.0.33 is shown? > Or, lets say I want to see the package that BitchX sends bitchx.com at > the first startup..?
man tcpdump http://freshmeat.net/projects/tcpdump2ascii/?topic_id=150 example: tcpdump -i eth0 udp src host 192.168.0.33 You should also have a look at dsniff: http://www.monkey.org/~dugsong/dsniff/
