The Linux packet capture command


tcpdump is a sniffer tool: a packet capture tool for the network that can also analyze the captured packets. Most systems install it by default. For a related introduction and installation instructions, see: Installation and use of Tcpdump.

Tcpdump command description: tcpdump uses a command-line mode; its command format is:

tcpdump [ -adeflnNOpqStvx ] [ -c quantity ] [ -F filename ] [ -i interface ] [ -r filename ] [ -s snaplen ] [ -T type ] [ -w filename ] [ expression ]

tcpdump options:

-a    convert network addresses and broadcast addresses into names;
-d    output the code that matches the packets in a human-readable assembly format;
-dd   output the code that matches the packets as a C language block;
-ddd  output the code that matches the packets in decimal form;
-e    print the data link layer header on each output line;
-f    print foreign Internet addresses as numbers;
-l    make standard output line-buffered;
-n    do not convert network addresses into names;
-t    do not print a timestamp on each output line;
-v    output slightly more detailed information, such as the TTL and type of service in the IP packet;
-vv   output detailed message information;
-c    stop after the given number of packets has been received;
-F    read the expression from the specified file, ignoring any other expression;
-i    specify the network interface to listen on;
-r    read packets from the specified file (these packets are usually produced by the -w option);
-w    write packets directly to a file instead of analyzing and printing them;
-T    interpret captured packets directly as messages of the specified type; common types are rpc (remote procedure call) and snmp (Simple Network Management Protocol);
-s    set the packet size limit. By default packets are limited to 96 bytes (including the Ethernet frame). Change the parameter to -s 0: 0 ignores the packet size limit and captures the actual length of the packet.
Example (options first, then the filter expression): tcpdump -vv -c 100 -s 1500 -w /opt/sniffer.pack tcp port 5270

The tcpdump parameter for capturing to a file is -w xxx.cap. Capture packets on eth1: tcpdump -i eth1 -w /tmp/xxx.cap

Capture packets of 192.168.1.123: tcpdump -i eth1 host 192.168.1.123 -w /tmp/xxx.cap

Capture packets of 192.168.1.123 on port 80: tcpdump -i eth1 host 192.168.1.123 and port 80 -w /tmp/xxx.cap

Capture ICMP packets of 192.168.1.123: tcpdump -i eth1 host 192.168.1.123 and icmp -w /tmp/xxx.cap

Capture packets of 192.168.1.123 on ports other than 80, 25 and 110: tcpdump -i eth1 host 192.168.1.123 and ! port 80 and ! port 25 and ! port 110 -w /tmp/xxx.cap

Capture port 80 packets on VLAN 1: tcpdump -i eth1 vlan 1 and port 80 -w /tmp/xxx.cap (vlan must come before port: the first vlan keyword changes the decoding offsets for the rest of the expression, so "port 80 and vlan 1" would not match tagged frames)

Capture PPPoE session packets (PPPoE password): tcpdump -i eth1 pppoes -w /tmp/xxx.cap

Split the capture into files of 100 MB; once a file exceeds 100 MB a new one is opened: -C 100m (older tcpdump versions accept only an integer in millions of bytes, i.e. -C 100)

Capture 10000 packets and then exit: -c 10000

Capture in the background so that closing the console does not affect it: nohup tcpdump -i eth1 port 110 -w /tmp/xxx.cap &

The file can be opened directly with Ethereal or Wireshark. Wireshark is the new version of Ethereal; the program simply changed its name, haha.
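As an added example (not from the original post), the Python below writes a small constructed capture in the pcap format that -w produces, reads it back the way -r or Wireshark would, and applies the page's "host", "port" and "icmp" filters to the decoded headers, while counting records cut short by the snaplen (the -s caveat above). The frames, the 10.0.0.5 source and the timestamps are constructed; 192.168.1.123 is the page's example host.

```python
import struct
# Constructed sample, not a real capture: Ethernet/IPv4 frames with zeroed MACs and checksums.
HOST = "192.168.1.123"
def ipv4_frame(src, dst, proto, payload):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return b"\x00" * 12 + b"\x08\x00" + ip + payload
def tcp_segment(sport, dport, data):
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0) + data
SAMPLE = [(1, ipv4_frame("10.0.0.5", HOST, 6, tcp_segment(40000, 80, b"GET / HTTP/1.1\r\n" * 8))),
          (2, ipv4_frame("10.0.0.5", HOST, 6, tcp_segment(40001, 110, b"USER bob\r\n"))),
          (3, ipv4_frame("10.0.0.5", HOST, 1, bytes([8, 0, 0, 0, 0, 1, 0, 1]) + b"ping" * 8))]

def write_pcap(frames, snaplen):
    """Serialize like tcpdump -w: pcap global header, then each record cut to snaplen (-s)."""
    snaplen = snaplen or 262144  # -s 0 means "whole packet" (262144 bytes in current tcpdump)
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)  # linktype 1 = Ethernet
    for ts, frame in frames:
        cap = frame[:snaplen]
        out += struct.pack("<IIII", ts, 0, len(cap), len(frame)) + cap
    return out

def read_pcap(data):
    """Yield (ts_sec, caplen, origlen, bytes) from a pcap written by -w, in either byte order."""
    end = "<" if data[:4] == b"\xd4\xc3\xb2\xa1" else ">"
    off = 24
    while off + 16 <= len(data):
        ts, _, caplen, origlen = struct.unpack(end + "IIII", data[off:off + 16])
        yield ts, caplen, origlen, data[off + 16:off + 16 + caplen]
        off += 16 + caplen

def decode(frame):
    """src, dst, IP protocol and (sport, dport): the fields that 'host', 'port' and 'icmp' test."""
    if frame[12:14] != b"\x08\x00":
        return None
    ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
    src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
    ports = struct.unpack("!HH", frame[14 + ihl:18 + ihl]) if proto in (6, 17) and len(frame) >= 18 + ihl else ()
    return src, dst, proto, ports

def filter_pcap(data, host=None, port=None, icmp=False):
    """Apply 'host X [and port N] [and icmp]' to a capture; also count records cut short by -s."""
    hits, truncated = [], 0
    for ts, caplen, origlen, frame in read_pcap(data):
        truncated += caplen < origlen
        if (d := decode(frame)) and host in (None, d[0], d[1]) \
                and (port is None or port in d[3]) and (not icmp or d[2] == 1):
            hits.append(ts)
    return hits, truncated
```

With the page's default of 96 bytes the HTTP request in the sample is cut short while its headers still decode; with -s 0 nothing is truncated.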
