Specifications
3-407
Cisco Wide Area Application Services Command Reference
OL-21611-01
Chapter 3 CLI Commands
tcpdump
tcpdump
To dump network traffic, use the tcpdump EXEC command.
tcpdump [LINE]
Syntax Description
Defaults No default behavior or values.
Command Modes EXEC
Device Modes application-accelerator
central-manager
Usage Guidelines TCPdump is a utility that allows a user to intercept and capture packets passing through a network
interface, making it useful for troubleshooting network applications.
During normal network operation, only the packets which are addressed to a network interface are
intercepted and passed on to the upper layers of the TCP/IP protocol layer stack. Packets which are not
addressed to the interface are ignored. In Promiscuous mode, the packets which are not intended to be
received by the interface are also intercepted and passed on to the higher levels of the protocol stack.
TCPdump works by putting the network interface into promiscuous mode. TCPdump uses the free
libpcap (packet capture library).
Use the -h option to view the options available, as shown in the following example:
WAE# tcpdump -h
tcpdump version 3.8.1 (jlemon)
libpcap version 0.8
Usage: tcpdump [-aAdDeflLnNOpqRStuUvxX] [-c count] [ -C file_size ]
[ -E algo:secret ] [ -F file ] [ -i interface ] [ -r file ]
[ -s snaplen ] [ -T type ] [ -w file ] [ -y datalinktype ]
[ expression ]
Examples The following example shows how to start a network traffic dump to a file named tcpdump.txt:
WAE# tcpdump -w tcpdump.txt
Related Commands less
ping
tethereal
LINE (Optional) Dump options. For more information see the “Usage Guidelines”
section.