PCAPDUMP(1) - man page online | user commands

Dedicated packet capture utility.

11 May 2009
pcapdump(1)                                                                           pcapdump(1)


pcapdump - dedicated packet capture utility


pcapdump [OPTIONS]...


pcapdump captures packets from a network interface and writes them to a dumpfile. The filename argument given to -w will be formated by strftime(3).


-i interface Input interface to read packets from. -r pcap file Dump file to read packets from. -w pcap file Dump file to write filtered packets to. -f expression BPF expression which selects packets to be filtered. -s snaplen Capture snaplen bytes of data from each packet. -p Disable promiscuous mode sniffing.


-u owner Set the output file's owning user to owner. -g group Set the output file's owning group to group. -m mode Set the output file's mode to mode, specified in octal. -t secs Dump file rotation interval in seconds. -c count Exit after capturing count packets. -T secs Exit after capturing during this amount of seconds. -H Only capture link, network, and transport headers; do not capture application-layer data. -S sample value Sample the packet stream by only dumping 1 in every sample value packets. -R Together with -S, sample the packets randomly, not systematically. -P pidfile Daemonize the process and write its PID to pidfile. -C config file File to read configuration variables from. Instead of passing configuration through the command line, a file can be used to specify values for the bpf, device, filefmt, group, interval, mode, owner, promisc, and snaplen options (not all need to be specified; defaults will be used otherwise). See /usr/share/doc/pcaputils/ex‐ amples/pcapdump/eth0 for an example.
11 May 2009 pcapdump(1)
This manual Reference Other manuals
pcapdump(1) referred by
refer to strftime(3)