Blog Archives

How to show mac addresses in TCPdump

Just a quick tip on how to display MAC addresses in the TCPdump utility. Simply use the “-e” switch. tcpdump -i INTERFACENAME -e Without the -e switch: [CheckPoint]# tcpdump -i bond2.100 -n 12:28:42.257902 IP 10.20.20.31.49155 > 10.254.25.116.49929: . ack 1831 win 513 12:28:42.258620 IP 10.20.20.31.49155 > 10.254.25.116.49929: P 1:286(285) ack 1831 win 513 With the […]