{"id":997,"date":"2021-01-05T14:55:23","date_gmt":"2021-01-05T09:25:23","guid":{"rendered":"http:\/\/192.168.0.6\/linuxbots\/?p=997"},"modified":"2021-01-05T14:55:27","modified_gmt":"2021-01-05T09:25:27","slug":"tcpdump-examples","status":"publish","type":"post","link":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/","title":{"rendered":"Tcpdump Examples &#8211; 15 commands you must know"},"content":{"rendered":"\n<p><strong>tcpdump<\/strong> is one of the most powerful command-line packet analyzer tools for all IT Professionals. In this tutorial, we share some practical examples of <strong>tcpdump<\/strong> tool which should be known by every IT Professional.<\/p>\n\n\n\n<p>A well-known network sniffer tool for network monitoring which provides plenty of options. From analyzing live network traffic to capture specific traffic in a file, you can do all with tcpdump. Easy availability for all the operating systems, makes it more popular.<\/p>\n\n\n\n<p>There are many other tutorials available for tcpdump on the internet but the proper explanation of commands and examples are not available. So, here we decide to document some well-explained examples of tcpdump in simple and understandable language.<\/p>\n\n\n\n<p>Above all, let&#8217;s have a look at the history of the <a rel=\"noreferrer noopener\" aria-label=\"tcpdump (opens in a new tab)\" href=\"https:\/\/en.wikipedia.org\/wiki\/Tcpdump\" target=\"_blank\">tcpdump<\/a> tool. tcpdump was written at Lawrence Berkeley Laboratory in 1988. Official website <a rel=\"noreferrer noopener\" aria-label=\"www.tcpdump.org (opens in a new tab)\" href=\"https:\/\/www.tcpdump.org\/\" target=\"_blank\">www.tcpdump.org<\/a> created in 1999.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/oracle.itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image-1024x576.jpg\" alt=\"tcpdump-examples-feature-image\" class=\"wp-image-3457\" srcset=\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image-1024x576.jpg 1024w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image-300x169.jpg 300w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image-768x432.jpg 768w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image-495x279.jpg 495w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image.jpg 1280w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>tcpdump examples<\/figcaption><\/figure>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_80 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-69dedc76f0b4c\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-69dedc76f0b4c\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Install_tcpdump\" >Install tcpdump<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Practical_tcpdump_examples\" >Practical tcpdump examples<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_1_List_all_available_interfaces\" >Example 1: List all available interfaces<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_2_Capture_traffic_from_a_specific_interface\" >Example 2: Capture traffic from a specific interface<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_3_Limit_number_of_packets_capture\" >Example 3: Limit number of packets capture<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_4_Print_output_in_ASCII\" >Example 4: Print output in ASCII<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_5_Readable_timestamps\" >Example 5: Readable timestamps<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_6_Save_captured_packets\" >Example 6: Save captured packets<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_8_Reading_a_pcapPacket_Capture_file\" >Example 8: Reading a .pcap(Packet Capture file)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_9_Disable_naming\" >Example 9: Disable naming<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_10_Filter_Traffic_by_Protocols\" >Example 10: Filter Traffic by Protocols<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_11_Filter_Traffic_by_IP_Address_or_Hostname\" >Example 11: Filter Traffic by IP Address or Hostname<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_12_Filter_Traffic_by_a_specific_port\" >Example 12: Filter Traffic by a specific port<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_13_Filter_Traffic_by_specific_direction\" >Example 13: Filter Traffic by specific direction<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_14_Filter_Traffic_by_network_address\" >Example 14: Filter Traffic by network address<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#Example_15_Filter_Traffic_by_the_port_range\" >Example 15: Filter Traffic by the port range<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\" id=\"h-install-tcpdump\"><span class=\"ez-toc-section\" id=\"Install_tcpdump\"><\/span>Install tcpdump<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Let&#8217;s start by installing tcpdump in different operating systems. use the below commands to install it.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>######### For CentOS\/Fedora #############\nsudo yum install tcpdump\n\n######## For Ubuntu\/Debian ##############\nsudo apt-get install tcpdump\n\n######## For Arch Linux ################\nsudo pacman -S tcpdump<\/code><\/pre>\n\n\n\n<p>If you have a different OS, you can download it from its <a rel=\"noreferrer noopener\" aria-label=\"Official Website (opens in a new tab)\" href=\"https:\/\/www.tcpdump.org\/index.html#latest-releases\" target=\"_blank\">Official Website<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-practical-tcpdump-examples\"><span class=\"ez-toc-section\" id=\"Practical_tcpdump_examples\"><\/span>Practical tcpdump examples<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-1-list-all-available-interfaces\"><span class=\"ez-toc-section\" id=\"Example_1_List_all_available_interfaces\"><\/span>Example 1: List all available interfaces<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>With option <strong>-D<\/strong>, we can print the list of available network interfaces on which tcpdump can capture traffic. Network interfaces with there name and a number are printed by this option. See the below command and its example output.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>tcpdump -D<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">Output:\n 1.enp0s3 [Up, Running]\n 2.any (Pseudo-device that captures on all interfaces) [Up, Running]\n 3.lo [Up, Running, Loopback]\n 4.nflog (Linux netfilter log (NFLOG) interface)\n 5.nfqueue (Linux netfilter queue (NFQUEUE) interface)\n 6.usbmon1 (USB bus number 1)\n 7.usbmon2 (USB bus number 2)<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-2-capture-traffic-from-a-specific-interface\"><span class=\"ez-toc-section\" id=\"Example_2_Capture_traffic_from_a_specific_interface\"><\/span>Example 2: Capture traffic from a specific interface<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>With the use of option <strong>-i<\/strong>, we can capture network packets on a specific network interface. By default tcpdump searches for the lowered number interface in the system interface list.<\/p>\n\n\n\n<p>You can provide the interface name or interface number which we get in the previous command output.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump -i enp0s3\n\n####### OR ###########\n\nsudo tcpdump -i 1<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">Output:\n tcpdump: verbose output suppressed, use -v or -vv for full protocol decode\n  listening on enp0s3, link-type EN10MB (Ethernet), capture size 262144 bytes<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-3-limit-number-of-packets-capture\"><span class=\"ez-toc-section\" id=\"Example_3_Limit_number_of_packets_capture\"><\/span>Example 3: Limit number of packets capture <span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>With the use of command option <strong>-c<\/strong>, we can specify the number of packets we want to capture with tcpdump.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump -c 10 <\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">Output:\ntcpdump: verbose output suppressed, use -v or -vv for full protocol decode\n listening on eno1, link-type EN10MB (Ethernet), capture size 262144 bytes\n 16:17:01.745113 IP 172.17.11.240.ssh &gt; 172.16.8.183.45040: Flags [P.], seq 4286741935:4286741979, ack 406902535, win 291, options [nop,nop,TS val 100118667 ecr 1820098679], length 44\n 16:17:01.745222 IP 172.16.8.183.45040 &gt; 172.17.11.240.ssh: Flags [.], ack 44, win 501, options [nop,nop,TS val 1820098879 ecr 100118667], length 0\n 16:17:01.745969 IP 172.16.8.183.58480 &gt; dns.google.domain: 34936+ PTR? 183.8.16.172.in-addr.arpa. (43)\n 16:17:01.761535 IP dns.google.domain &gt; 172.16.8.183.58480: 34936 NXDomain 0\/0\/0 (43)\n 16:17:01.761970 IP 172.16.8.183.58480 &gt; dns.google.domain: 34885+ PTR? 240.11.17.172.in-addr.arpa. (44)\n 16:17:01.778366 IP dns.google.domain &gt; 172.16.8.183.58480: 34885 NXDomain 0\/0\/0 (44)\n 16:17:01.778818 IP 172.16.8.183.58480 &gt; dns.google.domain: 47988+ PTR? 8.8.8.8.in-addr.arpa. (38)\n 16:17:01.794220 IP dns.google.domain &gt; 172.16.8.183.58480: 47988 1\/0\/0 PTR dns.google. (62)\n 16:17:01.947981 IP 172.17.11.240.ssh &gt; 172.16.8.183.45040: Flags [P.], seq 44:104, ack 1, win 291, options [nop,nop,TS val 100118868 ecr 1820098879], length 60\n 16:17:01.948078 IP 172.16.8.183.45040 &gt; 172.17.11.240.ssh: Flags [.], ack 104, win 501, options [nop,nop,TS val 1820099082 ecr 100118868], length 0\n 10 packets captured\n 10 packets received by filter\n 0 packets dropped by kernel<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-4-print-output-in-ascii\"><span class=\"ez-toc-section\" id=\"Example_4_Print_output_in_ASCII\"><\/span>Example 4: Print output in ASCII<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>With the use of option <strong>-A<\/strong>, we can print each packet in ASCII format. It is useful when capturing web pages.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump -A<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">Output:\ntcpdump: verbose output suppressed, use -v or -vv for full protocol decode\n listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes\n 16:25:36.005378 IP ip-172-31-36-121.ap-south-1.compute.internal.https &gt; 162.158.107.162.36814: Flags [P.], seq 1507192181:1507192212, ack 1391444966, win 227, length 31\n E..GZ.@.@\u2026..$y..k\u2026..Y..uR\u2026P\u2026\u2026\u2026\u2026 @.k!;..`.0.V,8A.E5\u2026.=.:\n 16:25:36.005444 IP ip-172-31-36-121.ap-south-1.compute.internal.https &gt; 162.158.107.162.36814: Flags [F.], seq 31, ack 1, win 227, length 0\n E..(Z.@.@..7..$y..k\u2026..Y\u2026R\u2026P\u2026\u2026.\n 16:25:36.287113 IP 162.158.107.162.36814 &gt; ip-172-31-36-121.ap-south-1.compute.internal.https: Flags [.], ack 31, win 104, length 0\n E..(..@.(..q..k\u2026$y\u2026.R\u2026Y\u2026P..h\u2026.\n 16:25:36.287521 IP 162.158.107.162.36814 &gt; ip-172-31-36-121.ap-south-1.compute.internal.https: Flags [R.], seq 1, ack 32, win 104, length 0\n E..(..@.(..p..k\u2026$y\u2026.R\u2026Y\u2026P..h\u2026.<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-5-readable-timestamps\"><span class=\"ez-toc-section\" id=\"Example_5_Readable_timestamps\"><\/span>Example 5: Readable timestamps<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>I don&#8217;t know whether you notice or not, but the timestamps in all the above output are not human readable. With the use of <strong>-tttt<\/strong> option, you can convert the timestamp in a human-readable format.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump -tttt<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">Output:\ntcpdump: verbose output suppressed, use -v or -vv for full protocol decode\n listening on eno1, link-type EN10MB (Ethernet), capture size 262144 bytes\n 2020-02-15 16:52:36.468792 IP 172.16.8.183.48876 &gt; 151.101.1.140.https: Flags [.], ack 79342705, win 501, options [nop,nop,TS val 160788396 ecr 2213864497], length 0\n 2020-02-15 16:52:36.469536 IP 172.16.8.183.58480 &gt; dns.google.domain: 48377+ PTR? 140.1.101.151.in-addr.arpa. (44)\n 2020-02-15 16:52:36.489206 IP dns.google.domain &gt; 172.16.8.183.58480: 48377 NXDomain 0\/1\/0 (104)\n 2020-02-15 16:52:36.489546 IP 172.16.8.183.58480 &gt; dns.google.domain: 52876+ PTR? 183.8.16.172.in-addr.arpa. (43)\n 2020-02-15 16:52:36.505372 IP bom12s01-in-f5.1e100.net.https &gt; 172.16.8.183.45736: Flags [P.], seq 2536084477:2536084730, ack 810527209, win 1050, options [nop,nop,TS val 3706306398 ecr 1808033774], length 253\n 2020-02-15 16:52:36.505399 IP 172.16.8.183.45736 &gt; bom12s01-in-f5.1e100.net.https: Flags [.], ack 253, win 2500, options [nop,nop,TS val 1808034143 ecr 3706306398], length 0<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-6-save-captured-packets\"><span class=\"ez-toc-section\" id=\"Example_6_Save_captured_packets\"><\/span>Example 6: Save captured packets<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>By default, tcpdump will print the output on the screen. But if you want to save the output in a .<strong>pcap<\/strong> (Packate Capture) file you can use <strong>-w<\/strong> option where <strong>w<\/strong> means to write.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump -w my_filename.pcap<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-8-reading-a-pcap-packet-capture-file\"><span class=\"ez-toc-section\" id=\"Example_8_Reading_a_pcapPacket_Capture_file\"><\/span>Example 8: Reading a .pcap(Packet Capture file)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Since <strong>pcap<\/strong> is a format for network traffic capture file it is not human-readable. We have to use specific software or methods to read these files. Tools like tcpdump or Wireshark are most often used for this. In tcpdump option <strong>-r<\/strong> is used for reading the captured file.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump -r my_filename.pcap<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">Output:\n reading from file my_file.pcap, link-type EN10MB (Ethernet)\n 17:11:10.624048 ARP, Request who-has 172.16.0.234 tell 172.16.9.234, length 46\n 17:11:10.869503 ARP, Request who-has 172.16.11.221 (Broadcast) tell 0.0.0.0, length 46\n 17:11:11.063824 IP 172.16.8.183.43838 &gt; 172.16.0.1.http: Flags [P.], seq 2249248014:2249248649, ack 39414386, win 501, options [nop,nop,TS val 1080292761 ecr 2446281268], length 635: HTTP: POST \/getstats.php HTTP\/1.1\n 17:11:11.064046 IP 172.16.0.1.http &gt; 172.16.8.183.43838: Flags [.], ack 635, win 508, options [nop,nop,TS val 2446284254 ecr 1080292761], length 0<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-9-disable-naming\"><span class=\"ez-toc-section\" id=\"Example_9_Disable_naming\"><\/span>Example 9: Disable naming<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>If you want that tcpdump will not convert IP addresses to hostnames and port numbers to services names, you should use the option <strong>-n<\/strong> for this.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump -n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-10-filter-traffic-by-protocols\"><span class=\"ez-toc-section\" id=\"Example_10_Filter_Traffic_by_Protocols\"><\/span>Example 10: Filter Traffic by Protocols<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>To filter the traffic of a specific type of protocol you can provide its name as an argument. Mainly TCP, UDP, and ICMP are used but you can use others also.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump icmp<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">Output:\n  tcpdump: verbose output suppressed, use -v or -vv for full protocol decode\n  listening on eno1, link-type EN10MB (Ethernet), capture size 262144 bytes  \n  17:32:29.235906 IP 172.16.8.183 &gt; bom12s03-in-f14.1e100.net: ICMP echo request, id 24416, seq 1, length 64  \n  17:32:29.252115 IP bom12s03-in-f14.1e100.net &gt; 172.16.8.183: ICMP echo reply, id 24416, seq 1, length 64  \n  17:32:30.237707 IP 172.16.8.183 &gt; bom12s03-in-f14.1e100.net: ICMP echo request, id 24416, seq 2, length 64  \n  17:32:30.252182 IP bom12s03-in-f14.1e100.net &gt; 172.16.8.183: ICMP echo reply, id 24416, seq 2, length 64  \n  17:32:31.237162 IP 172.16.8.183 &gt; bom12s03-in-f14.1e100.net: ICMP echo request, id 24416, seq 3, length 64  \n  17:32:31.252145 IP bom12s03-in-f14.1e100.net &gt; 172.16.8.183: ICMP echo reply, id 24416, seq 3, length 64  \n  17:32:32.238303 IP 172.16.8.183 &gt; bom12s03-in-f14.1e100.net: ICMP echo request, id 24416, seq 4, length 64<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-11-filter-traffic-by-ip-address-or-hostname\"><span class=\"ez-toc-section\" id=\"Example_11_Filter_Traffic_by_IP_Address_or_Hostname\"><\/span>Example 11: Filter Traffic by IP Address or Hostname<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Any time, when we analyze network traffic this command is used most commonly. With this command, you can capture traffic for a specific host with the use of its IP Address.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump host linuxbots.com<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">Outout:\ntcpdump: verbose output suppressed, use -v or -vv for full protocol decode\n listening on eno1, link-type EN10MB (Ethernet), capture size 262144 bytes\n 17:35:35.093268 IP 172.16.8.183.46274 &gt; 104.24.110.23.https: Flags [S], seq 4241842716, win 64240, options [mss 1460,sackOK,TS val 879430422 ecr 0,nop,wscale 7], length 0\n 17:35:35.215146 IP 104.24.110.23.https &gt; 172.16.8.183.46274: Flags [S.], seq 3462322619, ack 4241842717, win 65535, options [mss 1400,nop,nop,sackOK,nop,wscale 10], length 0\n 17:35:35.215206 IP 172.16.8.183.46274 &gt; 104.24.110.23.https: Flags [.], ack 1, win 502, length 0\n 17:35:35.215576 IP 172.16.8.183.46274 &gt; 104.24.110.23.https: Flags [P.], seq 1:554, ack 1, win 502, length 553\n 17:35:35.292811 IP 104.24.110.23.https &gt; 172.16.8.183.46274: Flags [.], ack 554, win 66, length 0<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-12-filter-traffic-by-a-specific-port\"><span class=\"ez-toc-section\" id=\"Example_12_Filter_Traffic_by_a_specific_port\"><\/span>Example 12: Filter Traffic by a specific port<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>We can capture the traffic of a specific port using the <strong>port<\/strong> option.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump port 80<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">Output:\ntcpdump: verbose output suppressed, use -v or -vv for full protocol decode\n listening on eno1, link-type EN10MB (Ethernet), capture size 262144 bytes\n 17:39:16.064208 IP 172.16.8.183.47060 &gt; 172.16.0.1.http: Flags [P.], seq 1963726501:1963727185, ack 2366941443, win 501, options [nop,nop,TS val 1081977725 ecr 475210608], length 684: HTTP: POST \/widgets\/widgets\/interfaces.widget.php HTTP\/1.1\n 17:39:16.064384 IP 172.16.0.1.http &gt; 172.16.8.183.47060: Flags [.], ack 684, win 507, options [nop,nop,TS val 475213508 ecr 1081977725], length 0<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-13-filter-traffic-by-specific-direction\"><span class=\"ez-toc-section\" id=\"Example_13_Filter_Traffic_by_specific_direction\"><\/span>Example 13: Filter Traffic by specific direction<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>tcpdump offers options like <strong>src<\/strong> and <strong>dst<\/strong> for capturing traffic of specific direction. See the examples below.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump src 10.0.0.1\nsudo tcpdump dst 172.16.0.1\n\n######### using with the host option ###########\nsudo tcpdump dst google.com\n\n####### using with the port option #############\nsudo tcpdump src port 80\n\n####### using multiple options ################\nsudo tcpdump -tttt -c 10 dst port 443 host google.com<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-14-filter-traffic-by-network-address\"><span class=\"ez-toc-section\" id=\"Example_14_Filter_Traffic_by_network_address\"><\/span>Example 14: Filter Traffic by network address<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>With the <strong>net<\/strong> option, we can capture traffic of a specific network subnet. <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump net 172.16.0.0\/16<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-example-15-filter-traffic-by-the-port-range\"><span class=\"ez-toc-section\" id=\"Example_15_Filter_Traffic_by_the_port_range\"><\/span>Example 15: Filter Traffic by the port range<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>We can capture the traffic of a particularly given port range by using the <strong>portrange<\/strong> option.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tcpdump portrange 0-1000<\/code><\/pre>\n\n\n\n<p>Also Read: <a href=\"https:\/\/oracle.itsupportwale.com\/blog\/netplan-static-ip-configure-static-ip-address-on-ubuntu-18-04\/\">Netplan Static IP \u2013 Configure static IP address on Ubuntu 18.04<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>tcpdump is one of the most powerful command-line packet analyzer tools for all IT Professionals. In this tutorial, we share some practical examples of tcpdump tool which should be known by every IT Professional. A well-known network sniffer tool for network monitoring which provides plenty of options. From analyzing live network traffic to capture specific &#8230; <a title=\"Tcpdump Examples &#8211; 15 commands you must know\" class=\"read-more\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/\" aria-label=\"Read more  on Tcpdump Examples &#8211; 15 commands you must know\">Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":3457,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[498,500,503,504,2],"tags":[534,538,539,548,549,550,563,591,588,589,592,590,587],"class_list":["post-997","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-foss","category-linux","category-tools","category-tutorial","category-tutorials","tag-linux-tools","tag-network-monitoring","tag-network-sniffer","tag-packet-analyzer","tag-packet-capture","tag-packet-sniffer","tag-tcpdump","tag-tcpdump-cheat-sheet","tag-tcpdump-command","tag-tcpdump-examples-linux","tag-tcpdump-multiple-hosts","tag-tcpdump-specific-ip","tag-tcpdump-write-to-file"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Tcpdump Examples - 15 commands you must know - ITSupportWale<\/title>\n<meta name=\"description\" content=\"Practical examples of tcpdump commands which should be known by every IT Professional. In detail examples with commands and output.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Tcpdump Examples - 15 commands you must know - ITSupportWale\" \/>\n<meta property=\"og:description\" content=\"Practical examples of tcpdump commands which should be known by every IT Professional. In detail examples with commands and output.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/\" \/>\n<meta property=\"og:site_name\" content=\"ITSupportWale\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Itsupportwale-298547177495978\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-05T09:25:23+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-01-05T09:25:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Techie\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Techie\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/\"},\"author\":{\"name\":\"Techie\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/#\/schema\/person\/8c5a2b3d36396e0a8fd91ec8242fd46d\"},\"headline\":\"Tcpdump Examples &#8211; 15 commands you must know\",\"datePublished\":\"2021-01-05T09:25:23+00:00\",\"dateModified\":\"2021-01-05T09:25:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/\"},\"wordCount\":670,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image.jpg\",\"keywords\":[\"linux tools\",\"network monitoring\",\"network sniffer\",\"packet analyzer\",\"packet capture\",\"packet sniffer\",\"tcpdump\",\"tcpdump cheat sheet\",\"tcpdump command\",\"tcpdump examples linux\",\"tcpdump multiple hosts\",\"tcpdump specific ip\",\"tcpdump write to file\"],\"articleSection\":[\"FOSS\",\"Linux\",\"tools\",\"Tutorial\",\"Tutorials\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/\",\"url\":\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/\",\"name\":\"Tcpdump Examples - 15 commands you must know - ITSupportWale\",\"isPartOf\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image.jpg\",\"datePublished\":\"2021-01-05T09:25:23+00:00\",\"dateModified\":\"2021-01-05T09:25:27+00:00\",\"description\":\"Practical examples of tcpdump commands which should be known by every IT Professional. In detail examples with commands and output.\",\"breadcrumb\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#primaryimage\",\"url\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image.jpg\",\"contentUrl\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image.jpg\",\"width\":1280,\"height\":720,\"caption\":\"tcpdump-examples-feature-image\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/itsupportwale.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Tcpdump Examples &#8211; 15 commands you must know\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/#website\",\"url\":\"https:\/\/itsupportwale.com\/blog\/\",\"name\":\"ITSupportWale\",\"description\":\"Tips, Tricks, Fixed-Errors, Tutorials &amp; Guides\",\"publisher\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/itsupportwale.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/#organization\",\"name\":\"itsupportwale\",\"url\":\"https:\/\/itsupportwale.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2023\/09\/cropped-Logo-trans-without-slogan.png\",\"contentUrl\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2023\/09\/cropped-Logo-trans-without-slogan.png\",\"width\":1119,\"height\":144,\"caption\":\"itsupportwale\"},\"image\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Itsupportwale-298547177495978\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/#\/schema\/person\/8c5a2b3d36396e0a8fd91ec8242fd46d\",\"name\":\"Techie\",\"sameAs\":[\"https:\/\/itsupportwale.com\",\"iswblogadmin\"],\"url\":\"https:\/\/itsupportwale.com\/blog\/author\/iswblogadmin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Tcpdump Examples - 15 commands you must know - ITSupportWale","description":"Practical examples of tcpdump commands which should be known by every IT Professional. In detail examples with commands and output.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/","og_locale":"en_US","og_type":"article","og_title":"Tcpdump Examples - 15 commands you must know - ITSupportWale","og_description":"Practical examples of tcpdump commands which should be known by every IT Professional. In detail examples with commands and output.","og_url":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/","og_site_name":"ITSupportWale","article_publisher":"https:\/\/www.facebook.com\/Itsupportwale-298547177495978","article_published_time":"2021-01-05T09:25:23+00:00","article_modified_time":"2021-01-05T09:25:27+00:00","og_image":[{"width":1280,"height":720,"url":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image.jpg","type":"image\/jpeg"}],"author":"Techie","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Techie","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#article","isPartOf":{"@id":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/"},"author":{"name":"Techie","@id":"https:\/\/itsupportwale.com\/blog\/#\/schema\/person\/8c5a2b3d36396e0a8fd91ec8242fd46d"},"headline":"Tcpdump Examples &#8211; 15 commands you must know","datePublished":"2021-01-05T09:25:23+00:00","dateModified":"2021-01-05T09:25:27+00:00","mainEntityOfPage":{"@id":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/"},"wordCount":670,"commentCount":0,"publisher":{"@id":"https:\/\/itsupportwale.com\/blog\/#organization"},"image":{"@id":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#primaryimage"},"thumbnailUrl":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image.jpg","keywords":["linux tools","network monitoring","network sniffer","packet analyzer","packet capture","packet sniffer","tcpdump","tcpdump cheat sheet","tcpdump command","tcpdump examples linux","tcpdump multiple hosts","tcpdump specific ip","tcpdump write to file"],"articleSection":["FOSS","Linux","tools","Tutorial","Tutorials"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/","url":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/","name":"Tcpdump Examples - 15 commands you must know - ITSupportWale","isPartOf":{"@id":"https:\/\/itsupportwale.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#primaryimage"},"image":{"@id":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#primaryimage"},"thumbnailUrl":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image.jpg","datePublished":"2021-01-05T09:25:23+00:00","dateModified":"2021-01-05T09:25:27+00:00","description":"Practical examples of tcpdump commands which should be known by every IT Professional. In detail examples with commands and output.","breadcrumb":{"@id":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#primaryimage","url":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image.jpg","contentUrl":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2021\/01\/tcpdump-examples-feature-image.jpg","width":1280,"height":720,"caption":"tcpdump-examples-feature-image"},{"@type":"BreadcrumbList","@id":"https:\/\/itsupportwale.com\/blog\/tcpdump-examples\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/itsupportwale.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Tcpdump Examples &#8211; 15 commands you must know"}]},{"@type":"WebSite","@id":"https:\/\/itsupportwale.com\/blog\/#website","url":"https:\/\/itsupportwale.com\/blog\/","name":"ITSupportWale","description":"Tips, Tricks, Fixed-Errors, Tutorials &amp; Guides","publisher":{"@id":"https:\/\/itsupportwale.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/itsupportwale.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/itsupportwale.com\/blog\/#organization","name":"itsupportwale","url":"https:\/\/itsupportwale.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itsupportwale.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2023\/09\/cropped-Logo-trans-without-slogan.png","contentUrl":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2023\/09\/cropped-Logo-trans-without-slogan.png","width":1119,"height":144,"caption":"itsupportwale"},"image":{"@id":"https:\/\/itsupportwale.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Itsupportwale-298547177495978"]},{"@type":"Person","@id":"https:\/\/itsupportwale.com\/blog\/#\/schema\/person\/8c5a2b3d36396e0a8fd91ec8242fd46d","name":"Techie","sameAs":["https:\/\/itsupportwale.com","iswblogadmin"],"url":"https:\/\/itsupportwale.com\/blog\/author\/iswblogadmin\/"}]}},"_links":{"self":[{"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/posts\/997","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/comments?post=997"}],"version-history":[{"count":0,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/posts\/997\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/media\/3457"}],"wp:attachment":[{"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/media?parent=997"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/categories?post=997"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/tags?post=997"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}