TCPDUMP SYNTAX GENERATOR
Quick Presets
3-Way Handshake Check
Bidirectional Traffic
Retransmissions
RST Packets
Full Verbose Analysis
Clear All
Interface Selection
Interface:
[?]
Select the interface to capture on. Use 'any' for all interfaces or specify ingress/egress interfaces.
any (all interfaces)
eth0
eth1
eth2
eth3
eth4
eth4-01
Custom
Custom Interface:
TCPDump Flags
-vvv (very verbose)
-nnn (no name resolution)
-S (absolute seq numbers)
-X (hex + ASCII output)
-A (ASCII output)
-e (print link-level header)
Snap Length (-s):
[?]
Packet capture size. 0 = full packet. Default is usually 262144.
Packet Count (-c):
[?]
Stop after capturing N packets. Leave empty for continuous capture.
Output to File (-w):
[?]
Save capture to pcap file for later analysis in Wireshark.
Host & Port Filters
Source IP(s) (one per line):
Destination IP(s) (one per line):
Any Host (src OR dst) - (one per line):
[?]
Match traffic where IP is either source or destination. Good for bidirectional checks.
Source Port(s) (comma-separated):
Destination Port(s) (comma-separated):
Protocol & TCP Flags
Protocol:
Any
TCP
UDP
ICMP
ARP
TCP Flags Filter:
[?]
Filter for specific TCP flags: SYN, ACK, RST, FIN, PSH, URG
SYN (connection start)
ACK (acknowledgment)
RST (reset)
FIN (connection end)
PSH (push)
URG (urgent)
Additional Options
Custom Filter Expression:
[?]
Add any custom tcpdump filter expression. This will be ANDed with other filters.
COPY