TCPDUMP Capture Netlink Packets

By @sskaje
Link: https://sskaje.me/2017/04/tcpdump-capture-netlink-packets/

I’m writing a Wireshark Dissector for IPSET’s protocol. Commands below are to capture netlink packets using tcpdump.

modprobe nlmon
ip link add type nlmon
ip link set nlmon0 up
tcpdump -i nlmon0  -s 0 -w nlmon.pcap 
ip link set nlmon0 down
ip link del dev nlmon0
rmmod nlmon

modprobe nlmon

ip link add type nlmon

ip link set nlmon0 up

tcpdump -i nlmon0 -s 0 -w nlmon.pcap

ip link set nlmon0 down

ip link del dev nlmon0

rmmod nlmon

TCPDUMP Capture Netlink Packets by @sskaje: https://sskaje.me/2017/04/tcpdump-capture-netlink-packets/

Incoming search terms:

how to capture netlink messages on tcpdump
tcpdump on the nlmon0 interface

Incoming search terms:

Related posts: