Generate tcpdump packet capture commands through an intuitive interface, no need to review tcpdump commands every time you capture packets.
Listen on the specified network interface.
tcpdump -i en0
tcpdump -i any
Filter packets by protocol type.
tcpdump tcp
tcpdump udp
Filter packets by host address (source, destination, or either).
tcpdump host 192.168.1.1
tcpdump src host 10.0.0.1
tcpdump dst host google.com
Filter packets by port number (source, destination, or either).
tcpdump port 80
tcpdump src port 443
tcpdump dst port 22
Write captured packets to a file instead of displaying them.
tcpdump -w capture.pcap
tcpdump -w ~/network.pcap
Capture HTTP traffic:
tcpdump -i en0 tcp port 80
Monitor DNS queries:
tcpdump -i any udp port 53
Capture SSH connections:
tcpdump -i en0 tcp port 22