Tcpdump: capture DHCP & DHCPv6 packets - howtouselinux

PHOTO

Sat Apr 23 2022 09:29:57 GMT+0000 (Coordinated Universal Time)

Saved by @xiaomian

How to use tcpdump to filter dhcp packets v4?
DHCP v4 traffic operates on port 67 (Server) and port 68 (Client). So we can capture the appropriate traffic with the following expression. (v4)

tcpdump -i eth0 udp port 67 and port 68 -vvv

How to use tcpdump to filter dhcpv6 packets?
DHCPv6 uses UDP port number 546 for clients and port number 547 for servers.

tcpdump -i eth0 -n -vv ‘(udp port 546 and port 547)’

How to use tcpdump to filter dhcp packets based on MAC address?
tcpdump -i eth0 -vvv -s 1500 ‘((port 67 or port 68) and (udp[38:4] = 0x3e0ccf08))’

Related post:

https://www.howtouselinux.com/post/tcpdump-capture-dhcp-dhcpv6-packets

Save snippets that work from anywhere online with our extensions

Available in the Chrome Web Store

Get Firefox Add-on

Get VS Code extension

Comments

More like this

debug

@xiaomian

Tcpdump: capture DHCP & DHCPv6 packets - howtouselinux how to sniffer dhcpv6 with tcpdump | by Stanley Meng | Medium DHCPv6 configuration for isc-dhcp-server | netprobe CentOS下开启IPv6 - lingfengxp - 博客园 linux下设置IPV6默认路由，ping，路由跟踪_什么什么高手的博客-CSDN博客_ipv6默认路由 How to Write iptables Rules for IPv6 - Linux.com 检查是否是内核参数的影响 linux 下给网卡添加ipv6、路由 - 编程猎人 iptables - Linux ipv6 forwarding - Server Fault security group rule — OpenStack Command Line Client 5.9.0.dev19 documentation 3. Removing an IPv6 route through a gateway tcpdump and IPv6 commands to request and release of an IPv6 address from a dhcp server

Browse more snippets >>