Basic tcpdump usage

1. Environment

[root@localhost ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.0 (Maipo)

[root@localhost ~]# tcpdump -h
tcpdump version 4.5.1
libpcap version 1.5.3
Usage: tcpdump [-aAbdDefhHIJKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
[ -i interface ] [ -j tstamptype ] [ -M secret ]
[ -P in|out|inout ]
[ -r file ] [ -s snaplen ] [ -T type ] [ -V file ] [ -w file ]
[ -W filecount ] [ -y datalinktype ] [ -z command ]
[ -Z user ] [ expression ]

2. Common usage examples

2.1 Read packets from a file and display them on screen

[root@localhost ~]# tcpdump -r /home/hutao/test.pcap

2.2 Save the first 100 packets from an interface to a file

[root@localhost ~]# tcpdump -i eno16777736 -w /home/hutao/test.pcap -c 100
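
An added example (not from the original post): a Python check that a file written by the `-w ... -c 100` command in 2.2 holds 100 complete packet records, and that flags a capture cut short mid-write. It parses the classic pcap file layout; the function names and the sample bytes are constructed for illustration.

```python
import struct

# Magic number as read little-endian -> (byte order of the file, timestamp unit)
MAGICS = {
    0xA1B2C3D4: ("<", "us"), 0xD4C3B2A1: (">", "us"),
    0xA1B23C4D: ("<", "ns"), 0x4D3CB2A1: (">", "ns"),
}

def summarize_pcap(data):
    """Count complete packet records in classic pcap bytes and flag a truncated tail."""
    if len(data) < 24:
        raise ValueError("shorter than the 24-byte pcap global header")
    (magic,) = struct.unpack_from("<I", data, 0)
    if magic not in MAGICS:
        raise ValueError("not a classic pcap file (bad magic)")
    order, ts_unit = MAGICS[magic]
    # Global header after the magic: version, timezone, sigfigs, snaplen, link type
    major, minor, _zone, _sigfigs, snaplen, linktype = struct.unpack_from(
        order + "HHiIII", data, 4)
    offset, packets, truncated = 24, 0, False
    while offset < len(data):
        if offset + 16 > len(data):            # partial 16-byte record header
            truncated = True
            break
        _sec, _frac, incl_len, _orig = struct.unpack_from(order + "IIII", data, offset)
        if offset + 16 + incl_len > len(data): # header present, payload cut short
            truncated = True
            break
        packets += 1
        offset += 16 + incl_len
    return {"version": (major, minor), "ts_unit": ts_unit, "snaplen": snaplen,
            "linktype": linktype, "packets": packets, "truncated": truncated}

def build_sample(n, payload=b"\x00" * 60):
    """Constructed sample: little-endian pcap with n identical 60-byte records."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    record = struct.pack("<IIII", 1586437860, 0, len(payload), len(payload)) + payload
    return header + record * n

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                      # e.g. /home/hutao/test.pcap
        with open(sys.argv[1], "rb") as fh:
            print(summarize_pcap(fh.read()))
    else:
        print(summarize_pcap(build_sample(100)))
        print(summarize_pcap(build_sample(100)[:-10]))  # simulated interrupted write
```
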

2.3

posted @ 2020-04-09 21:11  大户人夹