Menu
I wish to capture tcpdump traffic on two different ports simultaneouly .
I tried this ..
$ tcpdump port 21 ; tcpdump port 22
Althoug it worked but problem is first it will wait for traffic on port 21 and when interrupted then it will wait for port 22.
Also another problem is it will not capture the traffic on port 22 untill traffic on port 21 will be captured.
I want an order free solution means in whatever order packet arrives if they are for port 21 or 22 they should be captured .
Please help me on this !!!
EDIT :
Sorry I did not specified it before the actual command I am trying to run is this ..
$ tcpdump -X -s0 protochain 50
and
$ tcpdump -X -s0 protochain 51
Now I need to use 50 and 51 both simultaneously ..
920
Hi, you just need to compose two ports like this:
tcpdump -n -i $INTERFACE port 21 or port 22
where -n will get numerical address without reverse resolving (faster)
and $INTERFACE is real interface where you sniff trafic
150
answered Feb 04 '26 01:02
I am no tcpdump expert but found this in the tcpdump manpage:
tcpdump 'gateway snup and (port ftp or ftp-data)'
So try this
tcpdump '(port ftp or ftp-data)'
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
