Tcpdump usage

Install with yum:

yum install tcpdump

Install from source:

# flex
yum -y install flex

# bison
yum -y install bison

wget http://www.tcpdump.org/release/libpcap-1.5.3.tar.gz
wget http://www.tcpdump.org/release/tcpdump-4.5.1.tar.gz
tar -zxvf libpcap-1.5.3.tar.gz
cd libpcap-1.5.3
./configure
sudo make install
cd ..
tar -zxvf tcpdump-4.5.1.tar.gz
cd tcpdump-4.5.1
./configure
sudo make install

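Capture HTTP packets:

# 0x4745 = "GE" (GET), 0x4854 = "HT" (HTTP); offset 20 is the payload start only when the TCP header has no options
tcpdump -XvvennSs 0 -i eth0 -w /tmp/capture.pcap 'tcp[20:2]=0x4745 or tcp[20:2]=0x4854'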
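
The filter above compares the two bytes at offset 20 of the TCP header, which is where the payload starts only if the header carries no options. The Python below is an added example, not part of the original article: it emulates that filter and the data-offset form `tcp[((tcp[12:1] & 0xf0) >> 2):2]` on constructed segments (ports, sequence numbers and timestamp values are made up) to show which packets each one matches.

```python
import struct

def tcp_segment(payload: bytes, options: bytes = b"") -> bytes:
    """Constructed TCP segment: 20-byte header + options + payload (checksum left 0)."""
    if len(options) % 4:
        raise ValueError("TCP options must be padded to a multiple of 4 bytes")
    data_offset = 5 + len(options) // 4            # header length in 32-bit words
    off_flags = (data_offset << 12) | 0x018        # data offset + PSH/ACK flags
    header = struct.pack("!HHIIHHHH", 40000, 80, 1, 1, off_flags, 65535, 0, 0)
    return header + options + payload

HTTP_PREFIXES = (b"GE", b"HT")                      # 0x4745, 0x4854

def fixed_offset_match(seg: bytes) -> bool:
    """Emulates the page's filter: tcp[20:2]=0x4745 or tcp[20:2]=0x4854."""
    return seg[20:22] in HTTP_PREFIXES

def data_offset_match(seg: bytes) -> bool:
    """Emulates tcp[((tcp[12:1] & 0xf0) >> 2):2] compared with the same constants."""
    start = (seg[12] & 0xF0) >> 2                   # header length in bytes
    return seg[start:start + 2] in HTTP_PREFIXES

# Constructed samples: NOP, NOP, Timestamp (kind 8, len 10) = 12 bytes of options.
TS_OPTION = b"\x01\x01\x08\x0a" + struct.pack("!II", 1000, 2000)
SAMPLES = {
    "GET, no options": tcp_segment(b"GET / HTTP/1.1\r\n"),
    "GET, timestamps": tcp_segment(b"GET / HTTP/1.1\r\n", TS_OPTION),
    "response, timestamps": tcp_segment(b"HTTP/1.1 200 OK\r\n", TS_OPTION),
    "TLS record": tcp_segment(b"\x16\x03\x01\x02\x00"),
}

def compare() -> dict:
    """Return {sample name: (fixed-offset result, data-offset result)}."""
    return {name: (fixed_offset_match(s), data_offset_match(s))
            for name, s in SAMPLES.items()}

if __name__ == "__main__":
    for name, (fixed, dynamic) in compare().items():
        print(f"{name:22} tcp[20:2]: {fixed!s:5}  data-offset: {dynamic}")
```

Segments that carry the timestamp option are missed by the fixed-offset filter, so a capture taken with it can silently omit HTTP traffic from hosts that negotiate TCP timestamps.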

Listen on interface eth1 for port 80 packets sent to host 192.168.109.8:

tcpdump -i eth1 port 80 and dst host "192.168.109.8"

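Port 80 traffic on any interface destined for 192.168.109.*:

# "host" does not accept wildcards; use "net" with a prefix length to match the whole subnet
/usr/local/sbin/tcpdump -i any -w /tmp/capture.pcap 'port 80 and dst net 192.168.109.0/24'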

Add the source IP address:

tcpdump -i any -p -s 0 -w /tmp/capture.pcap 'port 80 and dst net 192.168.109.0/24 and src net 10.70.32.0/24'
