Capture, filter and inspect network traffic from the shell to diagnose problems fast. 12.05.2026 | reading time: 2 min When a service fails or latency spikes, tcpdump is the tool that lets a user capture and inspect raw packets from the command line to find the cause quickly. Hands-on capture Run a quick capture of five HTTP packets on interface eth0 and watch headers fly: ```bash sudo tcpdump -i eth0 'tcp port 80' -c 5 -nn -vv``` Example condensed output after the command shows captured packets like: ```bash 07:32:45.123456 IP 192.0.2.10.54000 > 198.51.100.5.80: Flags [P.], seq 1:517, ack 1, win 229, options [nop,nop,TS val 123456 ecr 654321], length 516; 07:32:45.123789 IP 198.51.100.5.80 > 192.0.2.10.54000: Flags [.], ack 517, win 29200, length 0``` Control what you capture Filter early, capture wisely: use expressions like "host", "port" and "net" to limit traffic; save raw packets with `-w file.pcap` and read them later with `-r`; prevent truncation with `-s 0`; increase verbosity with `-v`, `-vv` or `-vvv`; display payloads with `-A` or `-X`; and rotate files with `-C`, `-G` plus `-W` for long captures. Practical caveats and tips tcpdump needs root or CAP_NET_RAW; on busy links prefer capture-to-disk and offline analysis; remember the default snaplen may truncate payloads; BPF expressions are powerful and efficient; and libpcap compatibility means most captures open in Wireshark for deeper analysis. Tools that pair well Use tcpdump to create or filter captures, then analyze with Wireshark for GUI inspection, use tshark for scripted parsing, or try ngrep for quick pattern searches in ASCII payloads. Next steps for the learner Start capturing in a lab, read pcap files and practice BPF expressions until they become second nature; the command is a doorway into networking that rewards repetition and curiosity, and further study can lead to certifications like CompTIA Linux+ or LPIC-1 with intensive exam preparation at bitsandbytes.academy. Join Bits & Bytes Academy First class LINUX exam preparation. network troubleshooting utilities security
