https://wiki.steffe.net/index.php?action=history&feed=atom&title=TCPdumpTCPdump - Revision history2026-04-28T12:51:16ZRevision history for this page on the wikiMediaWiki 1.43.8https://wiki.steffe.net/index.php?title=TCPdump&diff=277&oldid=prevSteffe: Created page with "== Basic capture == Typical usage to capture network traffic going to a specific host: sudo tcpdump host xxx.xxx.xxx.xxx -w output.pcap == TLS capture == In case the traffic is encrypted using TLS or similar, you may be able to use the SSLKEYLOGFILE environment variable when running your client (or server) binary: SSLKEYLOGFILE=sslkeylogfile.log ./testapplication.py If this produces a sslkeylogfile.log file, you can use that to decrypt the TLS traffic. Open wireshark..."2025-02-18T11:55:38Z<p>Created page with "== Basic capture == Typical usage to capture network traffic going to a specific host: sudo tcpdump host xxx.xxx.xxx.xxx -w output.pcap == TLS capture == In case the traffic is encrypted using TLS or similar, you may be able to use the SSLKEYLOGFILE environment variable when running your client (or server) binary: SSLKEYLOGFILE=sslkeylogfile.log ./testapplication.py If this produces a sslkeylogfile.log file, you can use that to decrypt the TLS traffic. Open wireshark..."</p>
<p><b>New page</b></p><div>== Basic capture ==<br />
Typical usage to capture network traffic going to a specific host:<br />
sudo tcpdump host xxx.xxx.xxx.xxx -w output.pcap<br />
<br />
== TLS capture ==<br />
In case the traffic is encrypted using TLS or similar, you may be able to use the SSLKEYLOGFILE environment variable when running your client (or server) binary:<br />
SSLKEYLOGFILE=sslkeylogfile.log ./testapplication.py<br />
If this produces a sslkeylogfile.log file, you can use that to decrypt the TLS traffic. Open wireshark and go to Edit - Preferences - Protocol - TLS - (Pre)-Master-Secret log filename and specify your sslkeylogfile.log file. Then open your package dump and it will be decrypted.</div>Steffe