tcpdump Tutorial

08. 01. 2022 Updated: 24. 03. 2026 1 min read intermediate

This article was published in 2022. Some information may be outdated.

tcpdump is the most important network diagnostic tool on servers.

Basics¶

sudo tcpdump -i any port 80 sudo tcpdump -i any host 10.0.1.50 sudo tcpdump -c 100 -i any

sudo tcpdump ‘src host 10.0.1.50 and dst port 5432’ sudo tcpdump ‘not port 22’ sudo tcpdump udp port 53

sudo tcpdump -A port 80 # ASCII sudo tcpdump -w capture.pcap # for Wireshark tcpdump -r capture.pcap

sudo tcpdump -A port 80 | grep -i ‘host:’ sudo tcpdump udp port 53 -nn sudo tcpdump ‘tcp[tcpflags] & tcp-syn != 0’

Basic filters + pcap for Wireshark.

tcpdumpnetworkingpacket capture

We build core systems and AI agents that keep operations running. 15 years of experience with enterprise IT.

Bridge, host, overlay — how Docker networking works and how to connect containers across hosts.

A complete guide to service mesh technologies in 2026. Istio vs Cilium Service Mesh vs Linkerd comparison, sidecar...

A practical guide to securing your home network — router, DNS, VPN, segmentation.

Network management — ip, ss, iptables commands, routing and diagnostics.