tcpdump命令使用详解(3)

日期:2020-05-30 栏目:程序人生 浏览:

[root@linuxidc ~]# tcpdump -c 10 -i ens33 port 22
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
01:42:31.847590 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 2765881522:2765881734, ack 3454706475, win 340, length 212
01:42:31.847902 IP 10.1.1.1.55011 > linuxidc.ssh: Flags [.], ack 212, win 2049, length 0
01:42:32.302931 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 212:488, ack 1, win 340, length 276
01:42:32.303095 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 488:652, ack 1, win 340, length 164
01:42:32.303185 IP 10.1.1.1.55011 > linuxidc.ssh: Flags [.], ack 652, win 2053, length 0
01:42:32.303329 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 652:912, ack 1, win 340, length 260
01:42:32.303569 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 912:1076, ack 1, win 340, length 164
01:42:32.303646 IP 10.1.1.1.55011 > linuxidc.ssh: Flags [.], ack 1076, win 2051, length 0
01:42:32.303747 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 1076:1336, ack 1, win 340, length 260
01:42:32.303876 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 1336:1500, ack 1, win 340, length 164
10 packets captured
11 packets received by filter
0 packets dropped by kernel
[root@linuxidc ~]# tcpdump -c 10 -i ens33 tcp port 22
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
01:43:34.120931 IP 10.1.1.1.55011 > linuxidc.ssh: Flags [.], ack 2765885010, win 2048, length 0
01:43:34.123537 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 1:213, ack 0, win 340, length 212
01:43:34.164702 IP 10.1.1.1.55011 > linuxidc.ssh: Flags [.], ack 213, win 2047, length 0
01:43:34.645137 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 213:569, ack 0, win 340, length 356
01:43:34.645386 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 569:733, ack 0, win 340, length 164
01:43:34.645551 IP 10.1.1.1.55011 > linuxidc.ssh: Flags [.], ack 733, win 2053, length 0
01:43:34.645737 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 733:993, ack 0, win 340, length 260
01:43:34.645922 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 993:1157, ack 0, win 340, length 164
01:43:34.646021 IP 10.1.1.1.55011 > linuxidc.ssh: Flags [.], ack 1157, win 2051, length 0
01:43:34.646194 IP linuxidc.ssh > 10.1.1.1.55011: Flags [P.], seq 1157:1417, ack 0, win 340, length 260
10 packets captured
10 packets received by filter
0 packets dropped by kernel

10.抓取指定源、目的IP上的数据包。

上一篇:Snaps是适用于每个发行版的新Linux应用程序
下一篇:Debian9.5创建账户的一般操作方法

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/12373.html

相关推荐