From 133a8cc13faa73de55c9692a433c8b97e9ca342a Mon Sep 17 00:00:00 2001
From: "James H. Linder" <james@jlinder.com>
Date: Thu, 27 Mar 2014 14:46:32 -0400
Subject: [PATCH] tcpdump command to output to a dated filename all traffic not
 on port 22

---
 pages/common/tcpdump.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pages/common/tcpdump.md b/pages/common/tcpdump.md
index c47b5697db..d1600ebf97 100644
--- a/pages/common/tcpdump.md
+++ b/pages/common/tcpdump.md
@@ -22,3 +22,8 @@
 
 `tcpdump net {{192.168.1.0/24}}`
 
+- capture all traffic except traffic over port 22 and save to a dump file with today's date
+
+```
+tcpdump -w dumpfile.`date +%Y.%m.%d-%H.%M`.pcap not port 22
+```