关于TCPDUMP使用问题?
不会吧...应该不会是乱码
我的example
[root@longlongago root]# tcpdump tcp and src net 168.168.0.0/16 and dst net not 168.168.0.0/16 and dst port not pop3
tcpdump: listening on eth0
22:53:03.679727 168.168.195.122.2082 > 64.12.28.111.5192: P 1724461803:1724461809(6) ack 1658021106 win 64632 (DF)
22:53:07.523736 168.168.192.5.4782 > intl3.geo.vip.scd.yahoo.com.http: S 135230584:135230584(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
22:53:07.923642 168.168.195.16.1154 > 64.12.25.115.5192: P 66285985:66285991(6) ack 3507173471 win 8216 (DF)
22:53:10.507745 168.168.192.5.4782 > intl3.geo.vip.scd.yahoo.com.http: S 135230584:135230584(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
22:53:14.420545 168.168.195.122.3895 > 64.124.83.83.akamai.com.http: S 1070873682:1070873682(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
22:53:14.587306 168.168.195.122.3895 > 64.124.83.83.akamai.com.http: . ack 1557974009 win 64240 (DF)
22:53:14.587786 168.168.195.122.3895 > 64.124.83.83.akamai.com.http: P 0:234(234) ack 1 win 64240 (DF)
22:53:14.795006 168.168.195.122.3895 > 64.124.83.83.akamai.com.http: P 234:462(228) ack 163 win 64078 (DF)
22:53:15.007910 168.168.195.122.3895 > 64.124.83.83.akamai.com.http: P 462:753(291) ack 536 win 63705 (DF)
22:53:15.295551 168.168.195.122.3895 > 64.124.83.83.akamai.com.http: P 753:1048(295) ack 703 win 63538 (DF)
22:53:15.666014 168.168.195.122.3895 > 64.124.83.83.akamai.com.http: . ack 870 win 63371 (DF)
22:53:16.111520 168.168.192.5.4783 > intl3.geo.vip.scd.yahoo.com.http: S 135239174:135239174(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
22:53:21.964044 168.168.195.122.3895 > 64.124.83.83.akamai.com.http: R 1070874731:1070874731(0) win 0 (DF)
22:53:23.768906
14 packets received by filter
0 packets dropped by kernel