6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"What's a tcpdump one-liner to dump a TCP stream that matches a given substring?\",\"text\":\"

Is there a quick tcpdump one-liner to print out a TCP stream that matches a particular substring -- or, if that's not easy, how about printing out just the single TCP packet that matches the substring?

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"raldi\"},\"upvoteCount\":2,\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"

The best option is to use ngrep rather than tcpdump. Ngrep is designed to do exactly what you're after.

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Andrew Edgecombe\"},\"upvoteCount\":6}}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","linux",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/linux/1","children":"linux"}]}],["$","span","unix",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/unix/1","children":"unix"}]}],["$","span","network-programming",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/network-programming/1","children":"network-programming"}]}],["$","span","tcpdump",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/tcpdump/1","children":"tcpdump"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/bc6d2f9377bc2714b40716f3a2258426?s=256&d=identicon&r=PG","alt":"raldi","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/7598/raldi","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"raldi"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",22170]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"What's a tcpdump one-liner to dump a TCP stream that matches a given substring?"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",2]}],["$","p",null,{"children":["Views: ",3403]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",1,")"]}],[["$","div","207120",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/0ea83391bb1fb801606411f6aaa988e9?s=256&d=identicon&r=PG","alt":"Andrew Edgecombe","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/11694/andrew-edgecombe","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Andrew Edgecombe"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",40382]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

The best option is to use ngrep rather than tcpdump. Ngrep is designed to do exactly what you're after.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",6]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","25603831",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/25603831","className":"text-blue-600 hover:underline","children":"How can I have tcpdump write to file and standard output the appropriate data?"}]}],["$","li","41997166",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/41997166","className":"text-blue-600 hover:underline","children":"tcpdump output on a single line"}]}],["$","li","51041702",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/51041702","className":"text-blue-600 hover:underline","children":"How can i extract only the destination ports from a TCPDUMP file"}]}],["$","li","48731518",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/48731518","className":"text-blue-600 hover:underline","children":"tcpdump filter to get all packets with tcp options kind equals to x"}]}],["$","li","43261848",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/43261848","className":"text-blue-600 hover:underline","children":"TCP dump filter requests containing certain values"}]}],["$","li","25215509",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/25215509","className":"text-blue-600 hover:underline","children":"pipe tcpdump output to grep multiline pattern"}]}],["$","li","24357134",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/24357134","className":"text-blue-600 hover:underline","children":"Having trouble parsing tcpdump output with regex"}]}],["$","li","13067939",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/13067939","className":"text-blue-600 hover:underline","children":"tcpdump : Match exact packet length"}]}],["$","li","20767299",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/20767299","className":"text-blue-600 hover:underline","children":"Extract substring at first match of tcp and on to a formatted list"}]}],["$","li","18209901",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/18209901","className":"text-blue-600 hover:underline","children":"tcpdump of udp packets containing data"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

What&#39;s a tcpdump one-liner to dump a TCP stream that matches a given substring?

Answers (1)

Related Questions

What's a tcpdump one-liner to dump a TCP stream that matches a given substring?