cristiklein · March 12, 2023 12:46
diff --git a/tcpdump.service b/tcpdump.service
 # systemd unit to record DNS and DHCP requests
 #
 # Setup:
 #   sudo systemctl edit tcpdump --full --force
 #   # copy-paste the code below
 #   sudo systemctl enable tcpdump
 #   sudo systemctl status tcpdump  # should show "loaded" and "active"
 #
 # Usage:
 #   # reboot your workstation
 #   tcpdump -r /tmp/tcpdump.pcap 2> /dev/null | grep -Po '(?<=A[?] )[^ ]*' | sort -u
 #
 [Unit]
 Description="Record DNS and DHCP traffic"
 Before=network-pre.target
 Wants=network-pre.target

 [Service]
 ExecStart=/usr/bin/tcpdump -n -i any -C 10000 -G 86400 -w /tmp/tcpdump.pcap -z gzip -s 0 port 53 or port 67 or port 68

 [Install]
 WantedBy=multi-user.target
	# systemd unit to record DNS and DHCP requests
	#
	# Setup:
	# sudo systemctl edit tcpdump --full --force
	# # copy-paste the code below
	# sudo systemctl enable tcpdump
	# sudo systemctl status tcpdump # should show "loaded" and "active"
	#
	# Usage:
	# # reboot your workstation
	# tcpdump -r /tmp/tcpdump.pcap 2> /dev/null \| grep -Po '(?<=A[?] )[^ ]*' \| sort -u
	#
	[Unit]
	Description="Record DNS and DHCP traffic"
	Before=network-pre.target
	Wants=network-pre.target

	[Service]
	ExecStart=/usr/bin/tcpdump -n -i any -C 10000 -G 86400 -w /tmp/tcpdump.pcap -z gzip -s 0 port 53 or port 67 or port 68

	[Install]
	WantedBy=multi-user.target