Tcpdump

This message will disappear after all relevant tasks have been resolved.

Semantic MediaWiki

There are 1 incomplete or pending task to finish installation of Semantic MediaWiki. An administrator or user with sufficient rights can complete it. This should be done before adding new data to avoid inconsistencies.

1. Article purpose

This article provides the basic information needed to start using the Linux tool: tcpdump^[1].

2. Introduction

The following table provides a brief description of the tool, as well as its availability depending on the software packages:

: this tool is either present (ready to use or to be activated), or can be integrated and activated on the software package.

: this tool is not present and cannot be integrated, or it is present but cannot be activated on the software package.

Tool			STM32MPU Embedded Software distribution			STM32MPU Embedded Software distribution for Android™
Name	Category	Purpose	Starter Package	Developer Package	Distribution Package	Starter Package	Developer Package	Distribution Package
tcpdump	Monitoring tools	tcpdump^[1] is a common packet analyzer that runs under the command line. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is connected.

3. Installing the trace and debug tool on your target board

3.1. Using the STM32MPU Embedded Software distribution

tcpdump is installed by default and ready to be used with all STM32MPU Embedded Software Packages.

 which tcpdump
/usr/sbin/tcpdump

tcpdump is integrated in weston image distribution through meta-st package: meta-st/meta-st-openstlinux/recipes-st/packagegroups/packagegroup-framework-tools.bb.

RDEPENDS_packagegroup-framework-tools-network = "\
   tcpdump         \
   iptables        \
   ...

3.2. Using the STM32MPU Embedded Software distribution for Android™

tcpdump is installed by default (/system/xbin/tcpdump) and is ready to be used with all STM32MPU software packages for Android™, as soon as debug mode is enable (eng or userdebug build variants). Please see external/tcpdump/Android.mk.

 which tcpdump
/system/xbin/tcpdump

4. Getting started

Command line description

 tcpdump --help
Usage: tcpdump [-aAbdDefhHIJKlLnNOpqStuUvxX#] [ -B size ] [ -c count ]
               [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
               [ -i interface ] [ -j tstamptype ] [ -M secret ] [ --number ]
               [ -Q in|out|inout ]
               [ -r file ] [ -s snaplen ] [ --time-stamp-precision precision ]
               [ --immediate-mode ] [ -T type ] [ --version ] [ -V file ]
               [ -w file ] [ -W filecount ] [ -y datalinktype ] [ -z postrotate-command ]
               [ -Z user ] [ expression ]

Dump tcp traffic on eth0 interface (you can use ip addr show command to know the list of network interface available)

 tcpdump -i eth0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:55:33.107716 IP 10.48.2.165.ssh > 10.201.23.91.52308: Flags [P.], seq 4266254400:4266254528, ack 3520172211, win 333, options [nop,nop,TS val 57572827 ecr 260374058], length 128
10:55:33.108933 IP 10.201.23.91.52308 > 10.48.2.165.ssh: Flags [.], ack 128, win 1444, options [nop,nop,TS val 260374095 ecr 57572827], length 0
...

5. To go further

Some usage examples^[2].

6. References

Useful external links

Document link	Document Type	Description
tcpdump manpage	Standard	linux.die.net
tcpdump (wikipedia.org)	Standard	wikipedia.org

[tcpdumpdotorg-1] 1.0 ^1.1 http://www.tcpdump.org/

[2] ttp://www.thegeekstuff.com/2010/08/tcpdump-command-examples

[1]

[2]