Read pcap file
$(tcpdump -r $file_name.pcap)
Capture in ASCII
filter dhcp packet and write (-w) to file
$(tcpdump -i $interface_name -s 0 port 67 or port 68 -w "$file_name.pcap")
filter arp or other protocols (fddi, tr, wlan, ip, ip6, arp, rarp, decnet, tcp and udp)
$(tcpdump -i $interface_name arp)
filter destination
$(tcpdump -i $interface_name dst $ip_addr)
filter radius
#Check port number by /etc/services
$(tcpdump -i $interface_name port 1812 or port 1813 or port 3799)
Get radius attribute (Attr will be stripped in packet )
$(tcpdump -i $interface_name -s 0 port 1812 or port 1813 or port 3799)
Get VLAM ID
$(tcpdump -n -i $interface_name host $host_ip -e)
Display Captured Packets in HEX and ASCII
$(tcpdump -XX -i $interface)
##Ping
Ping continueously
$(ping -t $ip -I $interface)