Consider I have two hosts A and B. They both have a webserver on port 80. Both servers download files from each other through their webservers. A:some_port <–> B:80 and at the same time A:80 <–> B:some_port.
How can I run a tcpdump to capture all packets whose client is either host A, or B? I do not want to have a mixed up dump file including packets from both connections.
If I use:
tcpdump -i eth0 host A and port 80
I receive all packets between A and B. And if I change it to
tcpdump -i eth0 src host A and src port 80
then I just received the wrong half of the packets.
Do you have any suggestions?
I couldn’t find any way to do that. Yet, what I did was to use different source port ranges for different connections and use them in my tcpdump filter…
I know it is not the answer, but it is a tweak to make it work…
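
Added example, not part of the original posts: a shell helper that builds a tcpdump filter matching both directions of only those connections in which one host is the client, by pinning the service port to the server side in each direction. The function name client_filter and the addresses 192.0.2.10 (host A) and 192.0.2.20 (host B) are assumptions for illustration.

```shell
#!/bin/sh
# Build a BPF expression for TCP connections where CLIENT connects from an
# ephemeral port to SERVER:PORT. Both directions of that connection match;
# the reverse connection (SERVER acting as client towards CLIENT:PORT) does not.
#
# usage: client_filter CLIENT SERVER PORT
client_filter() {
    if [ "$#" -ne 3 ]; then
        echo "usage: client_filter CLIENT SERVER PORT" >&2
        return 2
    fi
    client=$1
    server=$2
    port=$3

    # Requests: client (any port except the service port) -> server:port
    to_server="src host $client and dst host $server and tcp dst port $port and not tcp src port $port"
    # Replies: server:port -> client (any port except the service port)
    to_client="src host $server and dst host $client and tcp src port $port and not tcp dst port $port"

    printf '(%s) or (%s)\n' "$to_server" "$to_client"
}

# Constructed sample addresses: A = 192.0.2.10, B = 192.0.2.20.
# One capture file per client role (run each tcpdump in its own terminal):
#
#   tcpdump -i eth0 -w a_is_client.pcap "$(client_filter 192.0.2.10 192.0.2.20 80)"
#   tcpdump -i eth0 -w b_is_client.pcap "$(client_filter 192.0.2.20 192.0.2.10 80)"
```

The "not ... port" terms keep a packet travelling from port 80 to port 80 out of both captures, since such a packet cannot be attributed to either client role.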