Iptables – how to monitor traffic at port 53 (DNS)

iptables tcpdump ubuntu-10.04

I am a bit confused by the abundant tcpdump tutorials on the internet.
I have a few virtual machines running on a virtualization server, where I am debugging a problem. Port 53 is the one with the problem.
I have a bridged setup where, out of 4 LAN cards on the machine in question, one is active, and it is xen-br0.
I want to check whether any requests are coming in on port 53 on the server from other machines on the LAN in question. I also want to see whether the guest operating systems on the LAN, or any other machine, are sending traffic to port 53. Because of the abundant messages generated by tcpdump, I am finding it difficult to grep the output for the desired port.

So if someone can give an example of how I can use it, that would be helpful.
Thanks in advance.

Best Answer

You can use this command:

    tcpdump -n -s 1500 -i eth0 udp port 53

(Replace 'eth0' with the name of your Ethernet interface, e.g. 'fxp0'.) This shows all packets going in and out of your machine for UDP port 53 (DNS).

Source: DNS exercise 1
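To cut down the noise the question describes, the text output of a port-53 capture can be reduced to one line per client and queried name. This is an added example, not part of the original answer; the function names `dns_query_summary` and `sample_capture` and the sample capture lines are constructed for illustration, and only IPv4 lines are handled.

```shell
#!/bin/sh
# Added example: summarise DNS traffic from `tcpdump -n` text output.
# Prints "<count> <source IP> <queried name>", busiest first; "-" marks packets
# to port 53 that carry no decoded question (for example a TCP SYN).
# IPv4 lines only (tcpdump prints IPv6 packets as "IP6").

dns_query_summary() {
    LC_ALL=C awk '
        $2 == "IP" && $5 ~ /[.]53:$/ {          # destination port is 53
            src = $3
            sub(/[.][0-9]+$/, "", src)          # strip the source port
            name = "-"
            for (i = 6; i < NF; i++)
                if ($i ~ /[?]$/) { name = $(i + 1); break }  # "A?" precedes the name
            count[src " " name]++
        }
        END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample capture (not real traffic), in tcpdump -n line format.
sample_capture() {
    cat <<'EOF'
12:00:01.100000 IP 192.168.1.10.51234 > 192.168.1.1.53: 4660+ A? example.com. (29)
12:00:01.130000 IP 192.168.1.1.53 > 192.168.1.10.51234: 4660 1/0/0 A 192.0.2.10 (45)
12:00:02.200000 IP 192.168.1.10.51300 > 192.168.1.1.53: 4661+ A? example.com. (29)
12:00:03.300000 IP 192.168.1.22.40000 > 192.168.1.1.53: 7+ AAAA? mail.example.org. (34)
12:00:04.000000 IP 192.168.1.22.40010 > 192.168.1.1.53: Flags [S], seq 1, win 64240, length 0
EOF
}

# Offline demonstration on the constructed sample:
sample_capture | dns_query_summary

# Live use (assumes root and the bridge name from the question); "port 53"
# without "udp" matches both UDP and TCP DNS traffic:
#   tcpdump -l -n -i xen-br0 -c 200 port 53 | dns_query_summary
```

Responses coming back from the server have port 53 as the source rather than the destination, so they are not counted.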
