How to make tcpdump display IP and port number but not hostname and protocol
Add -n to your tcpdump command line.
From the tcpdump manpage:
-n Don't convert addresses (i.e., host addresses, port numbers, etc.) to names.
It should also be noted that on Fedora (and perhaps other derivatives: RHEL, CentOS, etc.) they have patched the original tcpdump version to include a separate option -nn to remove port numbers. From the manpage:
-n Don't convert host addresses to names. This can be used to
avoid DNS lookups.
-nn Don't convert protocol and port numbers etc. to names either.
I use the -nn parameter.
-nn: Don’t resolve hostnames or port names.
Run it as:
tcpdump -nn
-n works only for hostnames, but doesn't work for port numbers. -nn does the trick for both. This is running tcpdump version 4.5.1 on Fedora 20 GNU/Linux. The downvoted answer of @ATMc is the only correct one. I sadly can neither upvote it nor write a comment below it because of low karma.
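An added example, not part of the original answers: a small Python parser for tcpdump's one-line text output that extracts IP and port and flags lines where a host or port was still printed as a name, which is how the -n versus -nn difference described above shows up in a capture. The sample lines are constructed with documentation addresses, and the function names are this example's own.

```python
import ipaddress
import re

# Matches "<timestamp> IP|IP6 <src> > <dst>: ..." as tcpdump prints packets.
LINE_RE = re.compile(r"^\S+ IP6? (\S+) > (\S+): ")

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def split_endpoint(endpoint):
    """Return (host, port, fully_numeric) for one 'host.port' endpoint."""
    if is_ip(endpoint):                       # no port printed, e.g. ICMP
        return endpoint, None, True
    host, _, port = endpoint.rpartition(".")  # port follows the last dot
    return host, port, is_ip(host) and port.isdigit()

def parse_line(line):
    """Parse one line; 'numeric' is False if any name was resolved."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    src, dst = split_endpoint(m.group(1)), split_endpoint(m.group(2))
    return {"src": src[:2], "dst": dst[:2], "numeric": src[2] and dst[2]}

# Constructed sample lines (documentation addresses), not real captures.
TAIL = ": Flags [S], seq 1, win 64240, length 0"
SAMPLES = {
    # hosts and ports both resolved to names
    "no flag": "12:00:00.000001 IP client.example.net.51514 > server.example.org.https" + TAIL,
    # hosts numeric, port still a service name (the -n case the last answer describes)
    "hosts only": "12:00:00.000001 IP 192.0.2.10.51514 > 198.51.100.7.https" + TAIL,
    # everything numeric
    "-nn": "12:00:00.000001 IP 192.0.2.10.51514 > 198.51.100.7.443" + TAIL,
    "-nn IPv6": "12:00:00.000001 IP6 2001:db8::10.51514 > 2001:db8::7.443" + TAIL,
}

if __name__ == "__main__":
    for label, line in SAMPLES.items():
        print(label, parse_line(line))
```

A script that consumes tcpdump text can use the `numeric` field to reject captures taken without full numeric output before trusting the port column.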