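O comando abaixo é usado quando se deseja observar por qual interface os pacotes estão saindo e retornando. Na saída, cada linha indica a interface e o sentido ([in]/[out]): a consulta DNS 49332, por exemplo, entra por eth1-02 com origem 192.168.19.70 e sai por eth1-08 com origem 201.44.246.130, o que indica tradução de endereço (NAT) no caminho. As marcações [|domain] são pacotes truncados pelo tamanho de captura de 96 bytes; para decodificar as respostas completas, aumente o tamanho com a opção -s (por exemplo, -s 0).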
# tcpdump -i any host 8.8.8.8 or host 8.8.4.4 -n -ePP
tcpdump: WARNING: Promiscuous mode not supported on the "any" device
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 96 bytes
12:26:47.012642 eth1-02[in ]: 192.168.19.70.39926 > 8.8.4.4.domain: 49332+% [1au] A? www.caixa.gov.br. (45)
12:26:47.012699 eth1-08[out]: 201.44.246.130.11705 > 8.8.4.4.domain: 49332+% [1au] A? www.caixa.gov.br. (45)
12:26:47.026284 eth1-08[in ]: 8.8.4.4.domain > 201.44.246.130.11705: 49332 1/0/1 A 200.201.165.253 (61)
12:26:47.026298 eth1-02[in ]: 192.168.19.70.38893 > 8.8.4.4.domain: 9146+% [1au] A? cielo.com.br. (41)
12:26:47.026369 eth1-02[out]: 8.8.4.4.domain > 192.168.19.70.39926: 49332 1/0/1 A 200.201.165.253 (61)
12:26:47.026798 eth1-08[out]: 201.44.246.130.42257 > 8.8.4.4.domain: 9146+% [1au] A? cielo.com.br. (41)
12:26:47.048538 eth1-08[in ]: 8.8.4.4.domain > 201.44.246.130.42257: 9146 2/0/1 A 199.83.135.221, (73)
12:26:47.048650 eth1-02[out]: 8.8.4.4.domain > 192.168.19.70.38893: 9146 2/0/1 A 199.83.135.221, (73)
12:26:47.053247 eth1-02[in ]: 192.168.19.70.36834 > 8.8.4.4.domain: 33871+% [1au] A? star.c10r.facebook.com. (51)
12:26:47.053699 eth1-08[out]: 201.44.246.130.11855 > 8.8.4.4.domain: 33871+% [1au] A? star.c10r.facebook.com. (51)
12:26:47.072795 eth1-02[in ]: 192.168.19.70.46597 > 8.8.4.4.domain: 14221+% [1au] A? b-api.facebook.com. (47)
12:26:47.073273 eth1-08[out]: 201.44.246.130.36611 > 8.8.4.4.domain: 14221+% [1au] A? b-api.facebook.com. (47)
12:26:47.075465 eth1-08[in ]: 8.8.4.4.domain > 201.44.246.130.11855: 33871 1/0/1 A[|domain]
12:26:47.075590 eth1-02[out]: 8.8.4.4.domain > 192.168.19.70.36834: 33871 1/0/1 A[|domain]
12:26:47.097753 eth1-08[in ]: 8.8.4.4.domain > 201.44.246.130.36611: 14221 2/0/1 CNAME[|domain]
12:26:47.097820 eth1-02[out]: 8.8.4.4.domain > 192.168.19.70.46597: 14221 2/0/1 CNAME[|domain]
12:26:47.098233 eth1-02[in ]: 192.168.19.70.39294 > 8.8.4.4.domain: 32379+% [1au] A? star-mini.c10r.facebook.com. (56)
12:26:47.098642 eth1-08[out]: 201.44.246.130.19348 > 8.8.4.4.domain: 32379+% [1au] A? star-mini.c10r.facebook.com. (56)
12:26:47.122534 eth1-02[in ]: 192.168.19.70.59821 > 8.8.4.4.domain: 31575+% [1au] A? www.statistcdn.com. (47)
12:26:47.122929 eth1-08[out]: 201.44.246.130.filenet-nch > 8.8.4.4.domain: 31575+% [1au] A? www.statistcdn.com. (47)
12:26:47.123946 eth1-08[in ]: 8.8.4.4.domain > 201.44.246.130.19348: 32379 1/0/1 (72)
12:26:47.124032 eth1-02[out]: 8.8.4.4.domain > 192.168.19.70.39294: 32379 1/0/1 (72)
12:26:47.185800 eth1-02[in ]: 192.168.19.70.36390 > 8.8.4.4.domain: 9032+% [1au] A? e15661.b.akamaiedge.net. (52)
12:26:47.186254 eth1-08[out]: 201.44.246.130.27237 > 8.8.4.4.domain: 9032+% [1au] A? e15661.b.akamaiedge.net. (52)
12:26:47.221652 eth1-02[in ]: 192.168.19.70.33998 > 8.8.4.4.domain: 39480+% [1au][|domain]
12:26:47.222103 eth1-08[out]: 201.44.246.130.19446 > 8.8.4.4.domain: 39480+% [1au][|domain]
12:26:47.326597 eth1-08[in ]: 8.8.4.4.domain > 201.44.246.130.27237: 9032 2/0/1[|domain]
12:26:47.326667 eth1-02[out]: 8.8.4.4.domain > 192.168.19.70.36390: 9032 2/0/1[|domain]
12:26:47.350362 eth1-08[in ]: 8.8.4.4.domain > 201.44.246.130.19446: 39480 2/0/1[|domain]
12:26:47.350439 eth1-02[out]: 8.8.4.4.domain > 192.168.19.70.33998: 39480 2/0/1[|domain]
12:26:47.751689 eth1-08[in ]: 8.8.4.4.domain > 201.44.246.130.filenet-nch: 31575 ServFail 0/0/1 (47)
12:26:47.751744 eth1-02[out]: 8.8.4.4.domain > 192.168.19.70.59821: 31575 ServFail 0/0/1 (47)
12:26:47.752163 eth1-02[in ]: 192.168.19.70.60465 > 8.8.8.8.domain: 44554+% [1au] A? www.statistcdn.com. (47)
12:26:47.752631 eth1-08[out]: 201.44.246.130.39001 > 8.8.8.8.domain: 44554+% [1au] A? www.statistcdn.com. (47)
12:26:48.029673 eth1-02[in ]: 192.168.19.70.45258 > 8.8.4.4.domain: 52460+% [1au] A? e9659.dspg.akamaiedge.net. (54)
12:26:48.030068 eth1-08[out]: 201.44.246.130.31069 > 8.8.4.4.domain: 52460+% [1au] A? e9659.dspg.akamaiedge.net. (54)
12:26:48.110639 eth1-08[in ]: 8.8.4.4.domain > 201.44.246.130.31069: 52460 1/0/1 (70)
12:26:48.110718 eth1-02[out]: 8.8.4.4.domain > 192.168.19.70.45258: 52460 1/0/1 (70)
12:26:48.128248 eth1-02[in ]: 192.168.19.70.37052 > 8.8.4.4.domain: 56341+% [1au] A? CPQ-efz.ms-acdc.office.com. (55)
12:26:48.128779 eth1-08[out]: 201.44.246.130.46822 > 8.8.4.4.domain: 56341+% [1au] A? CPQ-efz.ms-acdc.office.com. (55)
12:26:48.142290 eth1-08[in ]: 8.8.4.4.domain > 201.44.246.130.46822: 56341 4/0/1[|domain]
12:26:48.142439 eth1-02[out]: 8.8.4.4.domain > 192.168.19.70.37052: 56341 4/0/1[|domain]
42 packets captured
88 packets received by filter
0 packets dropped by kernel