Tcpdump TCP Filters

Background

It is occasionally useful to be able to capture only packets with specific TCP flags set while troubleshooting. While you can always search out the magic command line to do so, I wanted to understand how these filters actually work, and I figured it would be a useful item to have in my toolkit. For example, let's capture any TCP packet that has SYN set:

root@pi3:~# tcpdump -c 3 -n -i eth0 'tcp[13] & 2!...

May 22, 2020 · 4 min · Mark G