CLI – tcpdump


CLI – If you are having network connectivity issues, tcpdump is a utility that you may want to try. It is also handy when you want to examine unusual network traffic.

This command allows you to capture and analyze network traffic. Using this command is probably going to require you to put on your ‘propeller hat’ and drop further down ‘into the weeds’ of tech than you are typically used to. It is good to know that the ability is there if you need it.

The description of tcpdump in the macOS man page is:

Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression; the description is preceded by a time stamp, printed, by default, as hours, minutes, seconds, and fractions of a second since midnight. It can also be run with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface. It can also be run with the -V flag, which causes it to read a list of saved packet files. In all cases, only packets that match expression will be processed by tcpdump.
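
The excerpt above mentions saving packets with -w and reading them back with -r. As an added example (not from the original article or from the tcpdump project), this Python code parses a saved capture and formats each packet's time stamp the way the excerpt describes. It assumes the classic pcap file layout with microsecond time stamps and renders times in UTC rather than local time; the sample capture and all function names are constructed for illustration.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4  # classic pcap, microsecond time stamps


def build_sample_pcap():
    """Constructed sample capture: two dummy frames, not real traffic."""
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype 1 (Ethernet)
    data = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 262144, 1)
    frames = [(3661, 250000, b"\x00" * 14), (86399, 999999, b"\xff" * 60)]
    for ts_sec, ts_usec, frame in frames:
        # Record header: seconds, microseconds, captured length, original length
        data += struct.pack("<IIII", ts_sec, ts_usec, len(frame), len(frame)) + frame
    return data


def read_pcap(data):
    """Yield (ts_sec, ts_usec, orig_len, frame_bytes) for every record."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic == PCAP_MAGIC:
        endian = "<"
    elif magic == 0xD4C3B2A1:  # same magic as written by a big-endian host
        endian = ">"
    else:
        raise ValueError("not a classic pcap file")
    offset = 24
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError("truncated record header")
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(
            endian + "IIII", data[offset:offset + 16])
        offset += 16
        if offset + incl_len > len(data):
            raise ValueError("truncated packet data")
        yield ts_sec, ts_usec, orig_len, data[offset:offset + incl_len]
        offset += incl_len


def tcpdump_timestamp(ts_sec, ts_usec):
    """Format as hh:mm:ss.ffffff since midnight (UTC here)."""
    secs = ts_sec % 86400
    return "%02d:%02d:%02d.%06d" % (secs // 3600, secs % 3600 // 60, secs % 60, ts_usec)


if __name__ == "__main__":
    for sec, usec, length, _ in read_pcap(build_sample_pcap()):
        print(tcpdump_timestamp(sec, usec), "length", length)
```

A capture that was cut off mid-write raises ValueError instead of returning a short final packet, which is worth knowing when a saved file is copied while a capture is still running.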

To learn a lot more about how to use tcpdump, take a look at “An introduction to using tcpdump at the Linux command line”. Yes, this is a Linux article, but the tcpdump command as implemented on macOS is fundamentally the same. Check the macOS man page for tcpdump for all of the available options.

See my other CLI and macOS articles
