tcpdump in Practice

[root@192 ~]# yum -y install  tcpdump socat
[root@192 ~]# socat -u UDP-LISTEN:9999,fork -
Start a UDP server that keeps listening on port 9999.

[root@192 ~]# echo "Hello, UDP Server" | socat - UDP:192.168.100.132:9999 
Open a second terminal and send a UDP request.

[root@192 ~]# socat -u UDP-LISTEN:9999,fork -
Hello, UDP Server
Hello, UDP Server
Hello, UDP Server
Back on the UDP server, the received messages are printed.

[root@192 ~]# tcpdump -i any udp port 9999
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
22:48:16.864661 IP 192.168.100.132.47482 > 192.168.100.132.distinct: UDP, length 18
22:48:18.025725 IP 192.168.100.132.57232 > 192.168.100.132.distinct: UDP, length 18
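tcpdump also captures the incoming UDP datagrams. The destination port prints as "distinct" because tcpdump resolves 9999 to its service name; add -nn to keep addresses and ports numeric.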
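To post-process a capture like the one above, the text output can be parsed into records. The following is an added example, not part of the original post: it handles both named and numeric ports and sums the payload bytes per destination port. The names SAMPLE, KNOWN_SERVICES and the functions are hypothetical, and the third sample line is constructed.

```python
import re
import socket
from collections import Counter

# Two lines copied from the capture above, plus one constructed line showing
# the same traffic as "tcpdump -nn" would print it (numeric port).
SAMPLE = """\
22:48:16.864661 IP 192.168.100.132.47482 > 192.168.100.132.distinct: UDP, length 18
22:48:18.025725 IP 192.168.100.132.57232 > 192.168.100.132.distinct: UDP, length 18
22:48:19.000000 IP 192.168.100.132.40000 > 192.168.100.132.9999: UDP, length 18
"""

LINE = re.compile(r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP (?P<src>\S+) > (?P<dst>\S+): UDP, length (?P<len>\d+)$")
# Assumed fallback for hosts without /etc/services; 9999/udp is registered as "distinct".
KNOWN_SERVICES = {"distinct": 9999}

def resolve_port(token):
    """Turn a port token (number or service name) into an int, or None if unknown."""
    if token.isdigit():
        return int(token)
    try:
        return KNOWN_SERVICES.get(token) or socket.getservbyname(token, "udp")
    except OSError:
        return None  # keep the record, but mark the port as unresolved

def split_endpoint(endpoint):
    """Split 'host.port' on the last dot; the host part may itself contain dots."""
    host, _, port = endpoint.rpartition(".")
    return host, resolve_port(port)

def parse(text):
    """Return (ts, src_host, src_port, dst_host, dst_port, length) per UDP line."""
    records = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # banner lines such as "listening on any, ..."
        src_host, src_port = split_endpoint(m["src"])
        dst_host, dst_port = split_endpoint(m["dst"])
        records.append((m["ts"], src_host, src_port, dst_host, dst_port, int(m["len"])))
    return records

def bytes_per_dst_port(records):
    """Sum UDP payload bytes per destination port."""
    totals = Counter()
    for rec in records:
        totals[rec[4]] += rec[5]
    return dict(totals)
```

The length of 18 in each record is the 17-character message plus the newline that echo appends.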

[root@192 ~]# tcpdump -i any  tcp port 80
Capture TCP traffic on port 80.
[root@192 ~]# tcpdump -i ens32 port 80  and src host 192.168.100.3
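Capture port 80 traffic and filter by source host. Without the tcp keyword, "port 80" matches both TCP and UDP.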
posted @ 2024-09-21 23:19  supermao12