Quick & Dirty “sniffer” for when you don’t have tcpdump

I recently needed a way to test if packets were reaching a Linux device I'm testing. The device didn't have tcpdump installed, so I didn't have a real sniffer. Fortunately all I really needed was confirmation that packets were arriving. iptables to the rescue! Assuming there are no existing rules to interfere (i.e. use iptables -F to clean out any existing firewall), you can use this to log UDP packets arriving at port 1234:

iptables -A INPUT -p udp --dport 1234 -j LOG

Then tail your syslog and you'll see a message when traffic arrives on UDP 1234.
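
An added example, not part of the original post: the same LOG rule inserted at the top of INPUT with a log prefix and a rate limit, so existing rules do not have to be flushed, plus a per-source summary of the logged packets. The prefix string, the function names and the sample log lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. PREFIX and the function names are
# assumptions chosen for illustration; UDP port 1234 is the post's example.
PREFIX="SNIFF1234: "
PORT=1234

# Insert the LOG rule at position 1 so earlier rules cannot shadow it.
# Needs root. The limit match keeps a flood from filling the log.
sniff_on() {
    iptables -I INPUT 1 -p udp --dport "$PORT" \
        -m limit --limit 10/second -j LOG --log-prefix "$PREFIX"
}

# Delete exactly the rule sniff_on added; the rest of the firewall is untouched.
sniff_off() {
    iptables -D INPUT -p udp --dport "$PORT" \
        -m limit --limit 10/second -j LOG --log-prefix "$PREFIX"
}

# Read syslog/dmesg text on stdin and print "source-ip packet-count" per sender.
sniff_summary() {
    awk -v p="$PREFIX" '
        index($0, p) {
            for (i = 1; i <= NF; i++)
                if ($i ~ /^SRC=/) { count[substr($i, 5)]++; break }
        }
        END { for (ip in count) print ip, count[ip] }
    ' | sort
}

# Constructed sample lines in the kernel LOG format (not captured from a real device).
sample_log() {
cat <<'EOF'
Jun  8 10:15:01 device kernel: [  101.000001] SNIFF1234: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 DST=192.0.2.1 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=UDP SPT=40000 DPT=1234 LEN=20
Jun  8 10:15:02 device kernel: [  102.000001] eth0: link becomes ready
Jun  8 10:15:03 device kernel: [  103.000001] SNIFF1234: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.7 DST=192.0.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=2 DF PROTO=UDP SPT=5353 DPT=1234 LEN=40
Jun  8 10:15:04 device kernel: [  104.000001] SNIFF1234: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 DST=192.0.2.1 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=3 DF PROTO=UDP SPT=40000 DPT=1234 LEN=20
EOF
}

# Usage (as root): sniff_on; send test traffic; dmesg | sniff_summary; sniff_off
```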

Posted on 2012-06-08 by brian in linux.