tcpdump -n not port 22
tcpdump -nn not port 22 and not port 3389
tcpdump -nn not port 22 and src host 10.0.0.1

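#microsoft ip range
#quote the filter so the shell does not interpret && or the parentheses;
#the parentheses make the port range apply to both source networks
tcpdump -i eth0 'portrange 5061-5067 && (src net 52.112.0.0/14 or src net 52.120.0.0/14)'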

#only traffic to or from one mac-address
tcpdump -i vlan6 -vv -e ether host d8:cb:8a:cc:a3:45

sniffing mail traffic: -> the -s0 option is important so that packets are not truncated
tcpdump -l -i eth0 -n -s0 -w sniff4.txt not port 22
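
To check afterwards whether a capture was cut short by the snaplen, compare each packet's captured length with its length on the wire. The following is an added example, not part of the original notes; it assumes the classic pcap format that tcpdump -w writes, and the names find_truncated and build_sample are made up for this illustration.

```python
import struct

PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<",  # little-endian, microsecond timestamps
    b"\xa1\xb2\xc3\xd4": ">",  # big-endian, microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<",  # little-endian, nanosecond timestamps
    b"\xa1\xb2\x3c\x4d": ">",  # big-endian, nanosecond timestamps
}

def find_truncated(pcap_bytes):
    """Return (snaplen, [(index, caplen, wire_len), ...]) for truncated packets."""
    if len(pcap_bytes) < 24:
        raise ValueError("too short for a pcap file header")
    endian = PCAP_MAGICS.get(pcap_bytes[:4])
    if endian is None:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    # File header after the magic: version major/minor, thiszone, sigfigs, snaplen, linktype
    _, _, _, _, snaplen, _ = struct.unpack(endian + "HHiIII", pcap_bytes[4:24])
    truncated, offset, index = [], 24, 0
    while offset + 16 <= len(pcap_bytes):
        # Record header: ts_sec, ts_frac, captured length, original length on the wire
        _, _, caplen, wire_len = struct.unpack(endian + "IIII", pcap_bytes[offset:offset + 16])
        index += 1
        if caplen < wire_len:
            truncated.append((index, caplen, wire_len))
        offset += 16 + caplen  # skip the stored packet bytes
    return snaplen, truncated

def build_sample(snaplen, wire_lengths):
    """Constructed sample: a little-endian pcap whose packets are cut at snaplen."""
    out = b"\xd4\xc3\xb2\xa1" + struct.pack("<HHiIII", 2, 4, 0, 0, snaplen, 1)
    for n, wire_len in enumerate(wire_lengths):
        caplen = min(wire_len, snaplen)
        out += struct.pack("<IIII", 1700000000 + n, 0, caplen, wire_len) + b"\x00" * caplen
    return out

if __name__ == "__main__":
    # Constructed data: three packets captured with a 68-byte snaplen
    snaplen, bad = find_truncated(build_sample(68, [60, 1514, 590]))
    print(f"snaplen={snaplen}, truncated packets: {bad}")
```

For a real capture, pass the file contents read in binary mode, for example the bytes of sniff4.txt.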

read a capture with:
tcpdump -e -n -q -r filename   # read from file
tcpdump -w filename   # write to file
tcpdump -l   # line-buffered output (-I would enable monitor mode instead)


more examples on this very good page: https://danielmiessler.com/study/tcpdump/
