≡ Menu


tcpdump: Monitor ALL eth1 Traffic Except My Own SSH Session

I'm using tcpdump to dump, debug and monitor traffic on a network. However, there is lots of noise and I would like to exclude ssh from my dumps. How do I monitor all traffic except my ssh session?
Answer to

Linux change the directory for kdump to put its vmcore files

Q. How can I change the directory for kdump to put its vmcore files under CentOS Linux 5.0 operating system?

A. Kdump is a kexec based crash dumping mechansim for Linux. Kdump functionality is broken mainly in two components, user space and kernel space. Kdump support included in all modern Linux distro such as Suse, RHEL, CentOS and Debian. By default, kdump dumps its vmcore files in /var/crash directory. You can easily change this location by modifying kdump configuration file /etc/kdump.conf.

Change the directory for kdump

Open config file:
# vi /etc/kdump.conf
You need to set path using path command:
path -
You need to append path to the filesystem device which you are dumping to. Ignored for raw device dumps. If unset, will default to /var/crash. Set new path to /dumps directory:
path /dumps
Save and close the file.

Further readings: