问题
I am trying to find a way to read multiple ports using tcpdump. Suppose I have two ports, p1 and p2, and I want to read the traffic moving through both ports simultaneously. Is there any way to do it using tcpdump or will I have to use some other tool?
Basically I am running a proxy server which is running on some port. I want to read the traffic moving through this port as well traffic moving through port 80(HTTP).
回答1:
tcpdump port 80 or port 3128
or, alternatively,
tcpdump port '(80 or 443)'
回答2:
if you want to filter ports based on the range then use portrange.
E.g:
tcpdump -an portrange 1-25
来源:https://stackoverflow.com/questions/2187932/monitoring-multiple-ports-in-tcpdump