====== Tcpdump ======

= tcpdump - dump traffic on a network =

====== Usage ======
 tcpdump
 #on its own it will list all packets
 #quite slow and shows too much
 
 tcpdump -n  #does not resolve IP addresses
 tcpdump -n | grep IP address
 tcpdump dst ipaddress   #shows traffic with the destination of the IP
 tcpdump src ipaddress   #shows traffic with the source of the IP
 tcpdump src ipaddress -c 1  #capture 1 packet and stop
 tcpdump src ipaddress -c 1 -X  #show contents of the packet
 tcpdump src ipaddress -c 1 -XX -vv  #show contents and header (XX) and verbose
 tcpdump src ipaddress and port 80

===== ipv6 tcpdump =====
 tcpdump -vv ip6 -i eth0
Good ref: http://danielmiessler.com/study/tcpdump/