tldr/pages/common/ngrep.md

# ngrep

> Filter network traffic packets using regular expressions.
> More information: <https://github.com/jpr5/ngrep/blob/master/EXAMPLES.md>.

- Capture traffic of all interfaces:

`ngrep -d any`

- Capture traffic of a specific interface:

`ngrep -d {{eth0}}`

- Capture traffic crossing port 22 of interface eth0:

`ngrep -d {{eth0}} port {{22}}`

- Capture traffic from or to a host:

`ngrep host {{www.example.com}}`

- Filter keyword 'User-Agent:' of interface eth0:

`ngrep -d {{eth0}} '{{User-Agent:}}'`
ngrep: add page (#930) * ngrep: add page * ngrep: update command * ngrep: update syntax 2016-09-01 23:20:09 +08:00			`# ngrep`

			`> Filter network traffic packets using regular expressions.`
common*: refresh old pages part 1 (#16253) 2025-04-25 05:54:18 +03:00			`> More information: <https://github.com/jpr5/ngrep/blob/master/EXAMPLES.md>.`
ngrep: add page (#930) * ngrep: add page * ngrep: update command * ngrep: update syntax 2016-09-01 23:20:09 +08:00
			`- Capture traffic of all interfaces:`

			`ngrep -d any`

			`- Capture traffic of a specific interface:`

			`ngrep -d {{eth0}}`

			`- Capture traffic crossing port 22 of interface eth0:`

			`ngrep -d {{eth0}} port {{22}}`

			`- Capture traffic from or to a host:`

			`ngrep host {{www.example.com}}`

			`- Filter keyword 'User-Agent:' of interface eth0:`

			`ngrep -d {{eth0}} '{{User-Agent:}}'`