tcpdump

tcpdump is very useful for debugging network connections, especially because it captures incoming packets before they hit the firewall.

example of dumping incoming traffic on interface ens19 and udp port 22821

tcpdump -Qin -ni ens19 udp port 22821

check dns traffic

tcpdump -n -s 1500 -i eth0 udp port 53

log dns queries / udp traffic

script -q -c "sudo tcpdump -l port 53 2>/dev/null | grep --line-buffered ' A? ' | cut -d' ' -f8" | tee dns.log
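The one-liner above takes the name from a fixed column (cut -f8) and only matches A queries; a query carrying flags such as "[1au]" shifts the name to a later field. The added example below, which is not part of the original page, locates the query token instead of counting columns and covers any record type. The function names dns_queries and sample_capture are hypothetical and the sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original page): print "TYPE name" for each DNS
# query found in tcpdump text output read from stdin.

dns_queries() {
    awk '
    {
        # Keep only packets sent to port 53 (".53:" with -n, ".domain:" without).
        to_dns = 0
        for (i = 1; i < NF; i++)
            if ($i == ">" && $(i + 1) ~ /\.(53|domain):$/) { to_dns = 1; break }
        if (!to_dns) next

        # Find the "<TYPE>?" token instead of trusting a fixed column: flags
        # such as "[1au]" move the name away from field 8.
        for (j = i + 2; j < NF; j++) {
            if ($j ~ /^[A-Z][A-Z0-9]*\?$/) {
                name = $(j + 1)
                sub(/\.$/, "", name)            # drop the trailing root dot
                print substr($j, 1, length($j) - 1), tolower(name)
                next
            }
        }
    }'
}

# Constructed sample lines in "tcpdump -n" output format (not a real capture).
sample_capture() {
    cat <<'EOF'
12:00:01.000001 IP 192.0.2.5.41234 > 192.0.2.1.53: 4242+ A? example.com. (29)
12:00:01.000002 IP 192.0.2.5.41235 > 192.0.2.1.53: 4243+ [1au] AAAA? Example.ORG. (40)
12:00:01.010000 IP 192.0.2.1.53 > 192.0.2.5.41234: 4242 1/0/0 A 192.0.2.10 (45)
12:00:02.000000 IP6 2001:db8::5.50000 > 2001:db8::1.53: 7+ PTR? 10.2.0.192.in-addr.arpa. (42)
EOF
}

# Live use (needs root), assuming the same capture filter as the one-liner:
#   sudo tcpdump -l -n port 53 2>/dev/null | dns_queries | tee dns.log
```

Names are lowercased so that mixed-case queries for the same domain collapse to one entry when the log is later sorted and counted.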

dump all traffic to or from a host and show as ascii

tcpdump -i eth0 host 10.98.252.49 -A

dump traffic on all interfaces from source

tcpdump -ni any src host 10.98.200.51

dump udp packets on localhost (loopback interface)

tcpdump -i lo -n udp port 2003 -A

traffic on interface eth0 port 8125 and see ascii

tcpdump -i eth0 port 8125 -A