tcpdump as a systemd service on Proxmox hosts

Matthew Daniel · Jul 27, 2022

Has anyone here attempted to run tcpdump as a systemd service on Proxmox hosts? Can you please share your tcpdump.service file and any other configuration info?
I'm struggling to get it running and would like tcpdump to start on boot to monitor some DNS issues I'm logging on port 53

Hannes Laimer · Jul 28, 2022

Hey,

this should work, you probably also want to specify a file with -w.

Code:

[Unit]
After=network.target
 
[Service]
ExecStart=/usr/bin/tcpdump ...
ExecStop=/bin/kill -s TERM $MAINPID
 
[Install]
WantedBy=multi-user.target

Matthew Daniel · Jul 28, 2022

Hannes Laimer said:
Hey,

this should work, you probably also want to specify a file with -w.

Code:

[Unit] After=network.target [Service] ExecStart=/usr/bin/tcpdump ... ExecStop=/bin/kill -s TERM $MAINPID [Install] WantedBy=multi-user.target

Thanks, Hannes. I had something similar set up that kept refusing to start.

I could run tcpdump via the command line with the following attributes:
tcpdump -i ens18 -K -n port 53 -s 0 -w /var/log/tcpdump_$(hostname -s)_port53_$(date +%Y%m%d-%H%M%S).pcap

I had to tweak this in the tcpdump.service file to get it to run:

ExecStart=/bin/bash -lc '/usr/bin/tcpdump  -i ens18 -K -n port 53 -s 0 -w /var/log/tcpdump_$(hostname -s)_port53_$$(date +%%Y%%m%%d-%%H%%M%%S).pcap'

All sorted now. Cheers

Search

Search

tcpdump as a systemd service on Proxmox hosts

Matthew Daniel

Active Member

Hannes Laimer

Proxmox Staff Member

Matthew Daniel

Active Member