{"id":62067,"date":"2025-04-29T14:15:14","date_gmt":"2025-04-29T06:15:14","guid":{"rendered":"https:\/\/fwq.ai\/blog\/62067\/"},"modified":"2025-04-29T14:15:14","modified_gmt":"2025-04-29T06:15:14","slug":"linux-%e7%bd%91%e7%bb%9c%e6%8a%93%e5%8c%85%e5%88%86%e6%9e%90%e5%b7%a5%e5%85%b7-2","status":"publish","type":"post","link":"https:\/\/fwq.ai\/blog\/62067\/","title":{"rendered":"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177"},"content":{"rendered":"<p> <br \/>\n<strong><span style=\"font-family: mp-quote, -apple-system-font, BlinkMacSystemFont,\"><strong><span style=\"letter-spacing: 1px\"><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/222be5b175aa2423205b1530dd2b1968-0.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe\" \/><br \/><\/span><\/strong><\/span><\/strong>  <\/p>\n<h3>\u4e00\u3001tcpdump<\/h3>\n<h2>1\u3001\u4f5c\u7528<\/h2>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">tcpdump \u6307\u4ee4\u53ef\u5217\u51fa\u7ecf\u8fc7\u6307\u5b9a\u7f51\u7edc\u754c\u9762\u7684\u6570\u636e\u5305\u6587\u4ef6\u5934\uff0c\u53ef\u4ee5\u5c06\u7f51\u7edc\u4e2d\u4f20\u9001\u7684\u6570\u636e\u5305\u7684 \u201c\u5934\u201d \u5b8c\u5168\u622a\u83b7\u4e0b\u6765\u63d0\u4f9b\u5206\u6790\u3002\u5b83\u652f\u6301\u9488\u5bf9\u7f51\u7edc\u5c42\u3001\u534f\u8bae\u3001\u4e3b\u673a\u3001\u7f51\u7edc\u6216\u7aef\u53e3\u7684\u8fc7\u6ee4\uff0c\u5e76\u63d0\u4f9b and\u3001or\u3001not \u7b49\u903b\u8f91\u8bed\u53e5\u6765\u5e2e\u52a9\u4f60\u6458\u53d6\u6709\u7528\u4fe1\u606f\u3002<\/p>\n<\/blockquote>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u7531\u4e8e\u5b83\u9700\u8981\u5c06\u7f51\u7edc\u63a5\u53e3\u8bbe\u7f6e\u4e3a\u6df7\u6742\u6a21\u5f0f\uff0c\u666e\u901a\u7528\u6237\u4e0d\u80fd\u6b63\u5e38\u6267\u884c\uff0c\u4f46\u5177\u5907 root \u6743\u9650\u7684\u7528\u6237\u53ef\u4ee5\u76f4\u63a5\u6267\u884c\u5b83\u6765\u83b7\u53d6\u7f51\u7edc\u4e0a\u7684\u4fe1\u606f<\/p>\n<\/blockquote>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\"><strong>\u5176\u4ed6\u6293\u5305\u5de5\u5177<\/strong><\/p>\n<ul>\n<li>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;color: black;text-align: justify;line-height: 1.75em\">wireshark\u5177\u6709\u56fe\u5f62\u5316\u548c\u547d\u4ee4\u884c\u4e24\u79cd\u7248\u672c\uff0c\u53ef\u4ee5\u5bf9 tcpdump \u6293\u7684\u5305\u8fdb\u884c\u5206\u6790\uff0c\u5176\u4e3b\u8981\u529f\u80fd\u5c31\u662f\u5206\u6790\u6570\u636e\u5305\u3002<\/p>\n<\/li>\n<li>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;color: black;text-align: justify;line-height: 1.75em\">ngrep\u5b83\u5c06\u6293\u5230\u7684\u5305\u6570\u636e\u4ee5\u6587\u672c\u5f62\u5f0f\u76f4\u63a5\u663e\u793a\u51fa\u6765\uff0c\u9002\u7528\u4e8e\u5305\u6570\u636e\u5305\u542b\u6587\u672c\u7684[\u6293\u5305]\u5206\u6790 (\u5982 HTTP\u3001MySQL)<\/p>\n<\/li>\n<\/ul>\n<h2>2\u3001\u547d\u4ee4\u9009\u9879<\/h2>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\"><strong>tcpdump [\u9009\u9879] [\u534f\u8bae] [\u6570\u636e\u6d41\u65b9\u5411] [\u8303\u56f4]<\/strong><\/p>\n<\/blockquote>\n<ul>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-a \u5c06\u7f51\u7edc\u5730\u5740\u548c\u5e7f\u64ad\u5730\u5740\u8f6c\u53d8\u6210\u540d\u5b57<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-A \u4ee5 ASCII \u683c\u5f0f\u6253\u5370\u51fa\u6240\u6709\u5206\u7ec4\uff0c\u5e76\u5c06\u94fe\u8def\u5c42\u7684\u5934\u6700\u5c0f\u5316<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-b \u6570\u636e\u94fe\u8def\u5c42\u4e0a\u9009\u62e9\u534f\u8bae\uff0c\u5305\u62ec ip\/arp\/rarp\/ipx \u90fd\u5728\u8fd9\u4e00\u5c42<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-c \u6307\u5b9a\u6536\u53d6\u6570\u636e\u5305\u7684\u6b21\u6570\uff0c\u5373\u5728\u6536\u5230\u6307\u5b9a\u6570\u91cf\u7684\u6570\u636e\u5305\u540e\u9000\u51fa tcpdump<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-d \u5c06\u5339\u914d\u4fe1\u606f\u5305\u7684\u4ee3\u7801\u4ee5\u4eba\u4eec\u80fd\u591f\u7406\u89e3\u7684\u6c47\u7f16\u683c\u5f0f\u8f93\u51fa<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-dd &nbsp;\u5c06\u5339\u914d\u4fe1\u606f\u5305\u7684\u4ee3\u7801\u4ee5 c \u8bed\u8a00\u7a0b\u5e8f\u6bb5\u7684\u683c\u5f0f\u8f93\u51fa<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-ddd \u5c06\u5339\u914d\u4fe1\u606f\u5305\u7684\u4ee3\u7801\u4ee5\u5341\u8fdb\u5236\u7684\u5f62\u5f0f\u8f93\u51fa<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-D \u6253\u5370\u7cfb\u7edf\u4e2d\u6240\u6709\u53ef\u4ee5\u76d1\u63a7\u7684\u7f51\u7edc\u63a5\u53e3<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-e \u5728\u8f93\u51fa\u884c\u6253\u5370\u51fa\u6570\u636e\u94fe\u8def\u5c42\u7684\u5934\u90e8\u4fe1\u606f<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-f \u5c06\u5916\u90e8\u7684 Internet \u5730\u5740\u4ee5\u6570\u5b57\u7684\u5f62\u5f0f\u6253\u5370\u51fa\u6765\uff0c\u5373\u4e0d\u663e\u793a\u4e3b\u673a\u540d<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-F \u4ece\u6307\u5b9a\u7684\u6587\u4ef6\u4e2d\u8bfb\u53d6\u8868\u8fbe\u5f0f\uff0c\u5ffd\u7565\u5176\u4ed6\u7684\u8868\u8fbe\u5f0f<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-i \u6307\u5b9a\u76d1\u542c\u7f51\u7edc\u63a5\u53e3<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-l \u4f7f\u6807\u51c6\u8f93\u51fa\u53d8\u4e3a\u7f13\u51b2\u5f62\u5f0f\uff0c\u53ef\u4ee5\u6570\u636e\u5bfc\u51fa\u5230\u6587\u4ef6<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-L \u5217\u51fa\u7f51\u7edc\u63a5\u53e3\u5df2\u77e5\u7684\u6570\u636e\u94fe\u8def<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-n \u4e0d\u628a\u7f51\u7edc\u5730\u5740\u8f6c\u6362\u4e3a\u540d\u5b57<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-N \u4e0d\u8f93\u51fa\u4e3b\u673a\u540d\u4e2d\u7684\u57df\u540d\u90e8\u5206\uff0c\u4f8b\u5982 www.baidu.com \u53ea\u8f93\u51fa www<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-nn \u4e0d\u8fdb\u884c\u7aef\u53e3\u540d\u79f0\u7684\u8f6c\u6362<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-P \u4e0d\u5c06\u7f51\u7edc\u63a5\u53e3\u8bbe\u7f6e\u4e3a\u6df7\u6742\u6a21\u5f0f<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-q \u5feb\u901f\u8f93\u51fa\uff0c\u5373\u53ea\u8f93\u51fa\u8f83\u5c11\u7684\u534f\u8bae\u4fe1\u606f<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-r \u4ece\u6307\u5b9a\u7684\u6587\u4ef6\u4e2d\u8bfb\u53d6\u6570\u636e\uff0c\u4e00\u822c\u662f &#8211; w \u4fdd\u5b58\u7684\u6587\u4ef6<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-w \u5c06\u6355\u83b7\u5230\u7684\u4fe1\u606f\u4fdd\u5b58\u5230\u6587\u4ef6\u4e2d\uff0c\u4e14\u4e0d\u5206\u6790\u548c\u6253\u5370\u5728\u5c4f\u5e55<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-s \u4ece\u6bcf\u4e2a\u7ec4\u4e2d\u8bfb\u53d6\u5728\u5f00\u59cb\u7684 snaplen \u4e2a\u5b57\u8282\uff0c\u800c\u4e0d\u662f\u9ed8\u8ba4\u7684 68 \u4e2a\u5b57\u8282<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-S \u5c06 tcp \u7684\u5e8f\u5217\u53f7\u4ee5\u7edd\u5bf9\u503c\u5f62\u5f0f\u8f93\u51fa\uff0c\u800c\u4e0d\u662f\u76f8\u5bf9\u503c<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-T \u5c06\u76d1\u542c\u5230\u7684\u5305\u76f4\u63a5\u89e3\u6790\u4e3a\u6307\u5b9a\u7684\u7c7b\u578b\u7684\u62a5\u6587\uff0c\u5e38\u89c1\u7684\u7c7b\u578b\u6709 rpc\uff08\u8fdc\u7a0b\u8fc7\u7a0b\u8c03\u7528\uff09\u548c snmp\uff08\u7b80\u5355\u7f51\u7edc\u7ba1\u7406\u534f\u8bae\uff09<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-t \u5728\u8f93\u51fa\u7684\u6bcf\u4e00\u884c\u4e0d\u6253\u5370\u65f6\u95f4\u6233<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-tt \u5728\u6bcf\u4e00\u884c\u4e2d\u8f93\u51fa\u975e\u683c\u5f0f\u5316\u7684\u65f6\u95f4\u6233<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-ttt \u8f93\u51fa\u672c\u884c\u548c\u524d\u9762\u4ee5\u540e\u4e4b\u95f4\u7684\u65f6\u95f4\u5dee<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-tttt \u5728\u6bcf\u4e00\u884c\u4e2d\u8f93\u51fa data \u5904\u7406\u7684\u9ed8\u8ba4\u683c\u5f0f\u7684\u65f6\u95f4\u6233<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-u \u8f93\u51fa\u672a\u89e3\u7801\u7684 NFS \u53e5\u67c4<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-v \u8f93\u51fa\u7a0d\u5fae\u8be6\u7ec6\u7684\u4fe1\u606f\uff0c\u4f8b\u5982\u5728 ip \u5305\u4e2d\u53ef\u4ee5\u5305\u62ec ttl \u548c\u670d\u52a1\u7c7b\u578b\u7684\u4fe1\u606f<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">-vv &nbsp;\u8f93\u51fa\u76f8\u4fe1\u7684\u4fdd\u62a5\u6587\u4fe1\u606f<\/p>\n<\/li>\n<\/ul>\n<h2>3\u3001tcpdump \u8868\u8fbe\u5f0f<\/h2>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\u5173\u4e8e\u6570\u636e\u7c7b\u578b\u7684\u5173\u952e\u5b57<\/p>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\u5305\u62ec host\u3001port\u3001net\uff1a<\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">host 192.168.100.1 \u8868\u793a\u4e00\u53f0\u4e3b\u673a\uff0cnet 192.168.100.0 \u8868\u793a\u4e00\u4e2a\u7f51\u7edc\u7f51\u6bb5\uff0cport 80 \u6307\u660e\u7aef\u53e3\u53f7\u4e3a 80\uff0c\u5728\u8fd9\u91cc\u5982\u679c\u6ca1\u6709\u6307\u660e\u6570\u636e\u7c7b\u578b\uff0c\u90a3\u4e48\u9ed8\u8ba4\u5c31\u662f host<\/p>\n<\/blockquote>\n<pre>\u725b\u903c\u554a\uff01\u63a5\u79c1\u6d3b\u5fc5\u5907\u7684&nbsp;N&nbsp;\u4e2a\u5f00\u6e90\u9879\u76ee\uff01\u8d76\u5feb\u6536\u85cf<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\u6570\u636e\u4f20\u8f93\u65b9\u5411\u7684\u5173\u952e\u5b57<\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u5305\u62ec src\u3001dst\u3001dst or src\u3001dst and src\uff0c\u8fd9\u4e9b\u5173\u952e\u5b57\u6307\u660e\u4e86\u4f20\u8f93\u7684\u65b9\u5411\uff0c\u6bd4\u5982 src 192.168.100.1 \u8bf4\u660e\u6570\u636e\u5305\u6e90\u5730\u5740\u662f 192.168.100.1\u3002dst net 192.168.100.0 \u6307\u660e\u76ee\u7684\u7f51\u7edc\u5730\u5740\u662f 192.168.100.0\uff0c\u9ed8\u8ba4\u662f\u76d1\u63a7\u4e3b\u673a\u5bf9\u4e3b\u673a\u7684 src \u548c dst\uff0c\u5373\u9ed8\u8ba4\u76d1\u542c\u672c\u673a\u548c\u76ee\u6807\u4e3b\u673a\u7684\u6240\u6709\u6570\u636e<br \/><strong>\u534f\u8bae\u5173\u952e\u5b57<\/strong><\/p>\n<\/blockquote>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u5305\u62ec ip\u3001arp\u3001rarp\u3001udp<\/p>\n<\/blockquote>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\"><strong>\u5176\u4ed6\u5173\u952e\u5b57<\/strong><\/p>\n<ul>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">\u8fd0\u7b97\u7c7b\u578b\uff1aor\u3001and\u3001not\u3001\uff01<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">\u8f85\u52a9\u529f\u80fd\u578b\uff1agateway\u3001less\u3001broadcast\u3001greater<\/p>\n<\/li>\n<\/ul>\n<h2>4\u3001tcpdump \u6355\u83b7\u65b9\u5f0f<\/h2>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">tcpdump [\u534f\u8bae\u7c7b\u578b] [\u6e90\u6216\u76ee\u6807] [\u4e3b\u673a\u540d\u79f0\u6216 IP] [or\/and\/not\/! \u6761\u4ef6\u7ec4\u5408] [\u6e90\u6216\u76ee\u6807] [\u4e3b\u673a\u540d\u6216 IP] [or\/and\/not\/! \u6761\u4ef6\u7ec4\u5408] [\u7aef\u53e3] [\u7aef\u53e3\u53f7] \u2026\u2026 [or\/and\/not\/! \u6761\u4ef6\u7ec4\u5408] [\u6761\u4ef6]<\/p>\n<\/blockquote>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;&nbsp;ip&nbsp;dst&nbsp;192.168.10.1&nbsp;and&nbsp;src&nbsp;192.168.10.10&nbsp;and&nbsp;port&nbsp;80&nbsp;and&nbsp;host&nbsp;&nbsp;!www.baidu.com<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\"><strong>tcpdump<\/strong><\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u9ed8\u8ba4\u76d1\u542c\u5728\u7b2c\u4e00\u5757\u7f51\u5361\uff0c\u76d1\u542c\u6240\u6709\u7ecf\u8fc7\u6b64\u7f51\u5361\u7684\u6570\u636e\u5305<\/p>\n<\/blockquote>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/b638eb2016977d247a27ce6ece1a0d8b-1.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe1\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe1\" \/>   <\/p>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;&nbsp;-i&nbsp;&nbsp;ens33<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u76d1\u542c\u6307\u5b9a\u7f51\u5361 ens33 \u7684\u6240\u6709\u4f20\u8f93\u6570\u636e\u5305<\/p>\n<\/blockquote>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/b638eb2016977d247a27ce6ece1a0d8b-2.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe2\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe2\" \/>   <\/p>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;-i&nbsp;ens33&nbsp;host&nbsp;192.168.100.10<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u6355\u83b7\u4e3b\u673a 192.168.100.10 \u7ecf\u8fc7\u7f51\u5361 ens33 \u7684\u6240\u6709\u6570\u636e\u5305\uff08\u4e5f\u53ef\u4ee5\u662f\u4e3b\u673a\u540d\uff0c\u4f46\u8981\u6c42\u53ef\u4ee5\u89e3\u6790\u51fa IP \u5730\u5740\uff09<\/p>\n<\/blockquote>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/16b82ab88e3ab1bedb4f14cda94fd69c-3.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe3\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe3\" \/>  <\/p>\n<h2><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/16b82ab88e3ab1bedb4f14cda94fd69c-4.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe4\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe4\" \/><\/h2>\n<ul>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">\u7b2c\u4e00\u5217\uff1a\u62a5\u6587\u7684\u65f6\u95f4<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">\u7b2c\u4e8c\u5217\uff1a\u7f51\u7edc\u534f\u8bae IP<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">\u7b2c\u4e09\u5217\uff1a\u53d1\u9001\u65b9\u7684 ip \u5730\u5740\u3001\u7aef\u53e3\u53f7\u3001\u57df\u540d\uff0c\u4e0a\u56fe\u663e\u793a\u7684\u662f\u672c\u673a\u7684\u57df\u540d\uff0c\u53ef\u901a\u8fc7 \/ etc\/hosts \u67e5\u770b\u672c\u673a\u57df\u540d<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">\u7b2c\u56db\u5217\uff1a\u7bad\u5934 &gt;\uff0c \u8868\u793a\u6570\u636e\u6d41\u5411<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">\u7b2c\u4e94\u5217\uff1a\u63a5\u6536\u65b9\u7684 ip \u5730\u5740\u3001\u7aef\u53e3\u53f7\u3001\u57df\u540d\uff0c<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">\u7b2c\u516d\u5217\uff1a\u5192\u53f7<\/p>\n<\/li>\n<li>\n<p style=\"margin-top: 5px;margin-bottom: 16px;line-height: 1.75em\">\u7b2c\u4e03\u5217\uff1a\u6570\u636e\u5305\u5185\u5bb9\uff0c\u62a5\u6587\u5934\u7684\u6458\u8981\u4fe1\u606f\uff0c\u6709 ttl\u3001\u62a5\u6587\u7c7b\u578b\u3001\u6807\u8bc6\u503c\u3001\u5e8f\u5217\u3001\u5305\u7684\u5927\u5c0f\u7b49\u4fe1\u606f<\/p>\n<\/li>\n<\/ul>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;host&nbsp;192.168.130.151&nbsp;and&nbsp;&nbsp;192.168.130.152or192.168.130.153192.168.130.152or192.168.130.153<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u6355\u83b7\u4e3b\u673a 192.168.56.209 \u548c\u4e3b\u673a 192.168.56.210 \u6216 192.168.56.211 \u7684\u6240\u6709\u901a\u4fe1\u6570\u636e\u5305<\/p>\n<\/blockquote>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;ip&nbsp;host&nbsp;node9&nbsp;and&nbsp;not&nbsp;www.baidu.com<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u6355\u83b7\u4e3b\u673a node9 \u4e0e\u5176\u4ed6\u4e3b\u673a\u4e4b\u95f4\uff08\u4e0d\u5305\u62ec www.baidu.com\uff09\u901a\u4fe1\u7684 ip \u6570\u636e\u5305<\/p>\n<\/blockquote>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;ip&nbsp;host&nbsp;node9&nbsp;and&nbsp;!&nbsp;www.baidu.com<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u6355\u83b7 node9 \u4e0e\u5176\u4ed6\u6240\u6709\u4e3b\u673a\u7684\u901a\u4fe1\u6570\u636e\u5305\uff08\u4e0d\u5305\u62ec www.baidu.com\uff09<\/p>\n<\/blockquote>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;-i&nbsp;ens33&nbsp;src&nbsp;node10<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u6355\u83b7\u6e90\u4e3b\u673a node10 \u53d1\u9001\u7684\u6240\u6709\u7684\u7ecf\u8fc7 ens33 \u7f51\u5361\u7684\u6240\u6709\u6570\u636e\u5305<\/p>\n<\/blockquote>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;-i&nbsp;ens33&nbsp;dst&nbsp;host&nbsp;www.baidu.com<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u6355\u83b7\u6240\u6709\u53d1\u9001\u5230\u4e3b\u673a www.baidu.com \u7684\u6570\u636e\u5305<\/p>\n<\/blockquote>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u76d1\u542c\u4e3b\u673a 192.168.56.1 \u548c 192.168.56.210 \u4e4b\u95f4 ip \u534f\u8bae\u7684 80 \u7aef\u53e3\u7684\u4e14\u6392\u9664 www.baidu.com \u901a\u4fe1\u7684\u6240\u6709\u6570\u636e\u5305\uff1a<\/p>\n<\/blockquote>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;ip&nbsp;dst&nbsp;192.168.56.1&nbsp;and&nbsp;src&nbsp;192.168.56.210&nbsp;and&nbsp;port&nbsp;80&nbsp;and&nbsp;host&nbsp;!&nbsp;baidu.com<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u4e5f\u53ef\u4ee5\u5199\u6210 tcpdump ip dst 192.168.56.1 and src 192.168.56.210 and port 80 and host not www.baidu.com\uff0c\u5373 not \u548c\uff01\u90fd\u662f\u76f8\u540c\u7684\u53d6\u53cd\u7684\u610f\u601d<\/p>\n<\/blockquote>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;arp<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u76d1\u63a7\u6307\u5b9a\u4e3b\u673a\u7684\u901a\u4fe1\u6570\u636e\u5305\u4e0e 1.9.1 \u65b9\u5f0f\u76f8\u540c<\/p>\n<\/blockquote>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;tcp&nbsp;port&nbsp;22&nbsp;and&nbsp;host&nbsp;192.168.56.210<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u6355\u83b7\u4e3b\u673a 192.168.56.210 \u63a5\u6536\u548c\u53d1\u51fa\u7684 tcp \u534f\u8bae\u7684 ssh \u7684\u6570\u636e\u5305<\/p>\n<\/blockquote>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">tcpdump udp port 53<\/p>\n<\/blockquote>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u76d1\u542c\u672c\u673a udp \u7684 53 \u7aef\u53e3\u7684\u6570\u636e\u5305\uff0cudp \u662f dns \u534f\u8bae\u7684\u7aef\u53e3\uff0c\u8fd9\u4e5f\u662f\u4e00\u4e2a dns \u57df\u540d\u89e3\u6790\u7684\u5b8c\u6574\u8fc7\u7a0b<\/p>\n<\/blockquote>\n<h2>5\u3001\u5e38\u7528\u7684\u8fc7\u6ee4\u6761\u4ef6<\/h2>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">tcpdump \u53ef\u4ee5\u652f\u6301\u903b\u8f91\u8fd0\u7b97\u7b26<\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">and: \u4e0e\u8fd0\u7b97\uff0c\u6240\u6709\u7684\u6761\u4ef6\u90fd\u9700\u8981\u6ee1\u8db3\uff0c\u53ef\u7528 \u201cand\u201d\u548c \u201c&amp;&amp;\u201d \u8868\u793a<br \/>or\uff1a\u6216\u8fd0\u884c\uff0c\u53ea\u8981\u6709\u4e00\u4e2a\u6761\u4ef6\u6ee1\u8db3\u5c31\u53ef\u4ee5\uff0c\u53ef\u7528 \u201cor\u201d \u548c\u201c|\u201d\u8868\u793a<br \/>not\uff1a\u53d6\u53cd\uff0c\u5373\u53d6\u53cd\u6761\u4ef6\uff0c\u53ef\u4ee5\u7528 \u201cnot\u201d \u548c\u201c\uff01\u201d\u8868\u793a<\/p>\n<\/blockquote>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;icmp&nbsp;and&nbsp;src&nbsp;192.168.100.10&nbsp;-i&nbsp;ens33&nbsp;-n<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\u8fc7\u6ee4 icmp \u62a5\u6587\u5e76\u4e14\u6e90 IP \u662f 192.168.100.10<\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u591a\u6761\u4ef6\u683c\u5f0f<br \/>&nbsp; &nbsp; \u5728\u4f7f\u7528\u591a\u4e2a\u8fc7\u6ee4\u6761\u4ef6\u8fdb\u884c\u7ec4\u5408\u65f6\uff0c\u6709\u53ef\u80fd\u9700\u8981\u7528\u5230\u62ec\u53f7\uff0c\u800c\u62ec\u53f7\u5728 shell \u4e2d\u662f\u7279\u6b8a\u7b26\u53f7\uff0c\u53c8\u9700\u8981\u4f7f\u7528\u5f15\u53f7\u5c06\u5176\u5305\u542b\u3002\u7528\u62ec\u53f7\u7684\u4e3b\u8981\u4f5c\u7528\u662f\u903b\u8f91\u8fd0\u7b97\u7b26\u4e4b\u95f4\u5b58\u5728\u4f18\u5148\u7ea7\uff0c!&gt;and &gt; or, \u4e3a\u4f8b\u6761\u4ef6\u80fd\u591f\u7cbe\u786e\u6240\u4ee5\u9700\u8981\u5bf9\u4e00\u4e9b\u5fc5\u8981\u7684\u7ec4\u5408\u62ec\u53f7\u62ec\u8d77\u6765\uff0c\u800c\u62ec\u53f7\u7684\u610f\u601d\u76f8\u5f53\u4e8e\u52a0\u51cf\u8fd0\u7b97\u4e00\u6837\uff0c\u62ec\u8d77\u6765\u7684\u5185\u5bb9\u4f5c\u4e3a\u4e00\u4e2a\u6574\u4f53\u8fdb\u884c\u903b\u8f91\u8fd0\u7b97\u3002<\/p>\n<\/blockquote>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\u8fc7\u6ee4\u6e90\u5730\u5740\u662f 192.168.100.1 \u5e76\u4e14\u76ee\u7684\u5730\u5740\u662f 192.168.20.20 \u7684\u6570\u636e\u5305\u6216\u8005 ARP \u534f\u8bae\u7684\u5305\u3002\u53e6\u5916\uff0c\u641c\u7d22\u516c\u4f17\u53f7Linux\u5c31\u8be5\u8fd9\u6837\u5b66\u540e\u53f0\u56de\u590d\u201cLinux\u201d\uff0c\u83b7\u53d6\u4e00\u4efd\u60ca\u559c\u793c\u5305\u3002<\/p>\n<p style=\"margin-bottom: 0px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\"><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/82f21f139158db90aac157f6d719494e-5.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe5\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe5\" \/><\/p>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;**src**&nbsp;host&nbsp;192.168.10.10&nbsp;-i&nbsp;ens33&nbsp;-n&nbsp;-c&nbsp;5<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u8fc7\u6ee4\u6e90 IP \u5730\u5740\u662f 192.168.10.10 \u7684\u5305<\/p>\n<\/blockquote>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/82f21f139158db90aac157f6d719494e-6.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe6\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe6\" \/><\/p>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;**dst**&nbsp;host&nbsp;192.168.10.10&nbsp;-i&nbsp;ens33&nbsp;-n&nbsp;-c&nbsp;5<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u8fc7\u6ee4\u76ee\u7684 IP \u5730\u5740\u662f 192.168.10.10 \u7684\u5305<\/p>\n<\/blockquote>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/82f21f139158db90aac157f6d719494e-7.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe7\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe7\" \/>  <\/p>\n<blockquote style=\"max-width:90%\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\"><strong>\u57fa\u4e8e\u7aef\u53e3\u8fdb\u884c\u8fc7\u6ee4<\/strong><\/p>\n<\/blockquote>\n<pre>&amp;gt;&nbsp;tcpdump&nbsp;port&nbsp;22&nbsp;-i&nbsp;ens33&nbsp;-n&nbsp;-c&nbsp;5&nbsp;&nbsp;\n&amp;gt;&nbsp;\u8fc7\u6ee4\u7aef\u53e3\u53f7\u4e3a&nbsp;22&nbsp;\u5373&nbsp;ssh&nbsp;\u534f\u8bae\u7684<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236<br \/>\n<img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/d7c33e55a398613630fbf2825f3d9c5f-8.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe8\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe8\" \/>   <\/p>\n<pre>&amp;gt;&nbsp;&nbsp;tcpdump&nbsp;portrange&nbsp;22-433&nbsp;-i&nbsp;ens33&nbsp;-n&nbsp;-c&nbsp;8<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u8fc7\u6ee4\u7aef\u53e3\u53f7 22-433 \u5185\u7684\u6570\u636e\u5305<\/p>\n<\/blockquote>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/d7c33e55a398613630fbf2825f3d9c5f-9.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe9\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe9\" \/>  <\/p>\n<h3>\u4e8c\u3001wireshark<\/h3>\n<h2>1\u3001\u4ec0\u4e48\u662f wireshark<\/h2>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">Wireshark \u662f\u4e00\u4e2a\u7f51\u7edc\u5c01\u5305\u5206\u6790\u8f6f\u4ef6\u3002\u7f51\u7edc\u5c01\u5305\u5206\u6790\u8f6f\u4ef6\u7684\u529f\u80fd\u662f\u6355\u83b7\u7f51\u7edc\u6570\u636e\u5305\uff0c\u5e76\u5c3d\u53ef\u80fd\u663e\u793a\u51fa\u6700\u4e3a\u8be6\u7ec6\u7684\u7f51\u7edc\u5c01\u5305\u8d44\u6599\u3002Wireshark \u4f7f\u7528 WinPCAP \u4f5c\u4e3a\u63a5\u53e3\uff0c\u76f4\u63a5\u4e0e\u7f51\u5361\u8fdb\u884c\u6570\u636e\u62a5\u6587\u4ea4\u6362<\/p>\n<\/blockquote>\n<h2>2\u3001\u5b89\u88c5 wireshark<\/h2>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">Linux \u4e2d\u6709\u4e24\u4e2a\u7248\u672c\u7684 wireshark\uff0c\u4e00\u4e2a\u662f wireshark\uff0c\u8fd9\u4e2a\u7248\u672c\u662f\u65e0\u56fe\u5f62\u5316\u754c\u9762\uff0c\u57fa\u672c\u547d\u4ee4\u662f\u201dtshark\u201c\u3002<\/p>\n<\/blockquote>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u4e00\u4e2a\u662f wireshark-gnome\uff08\u754c\u9762\u7248\u672c\uff09\uff0c\u8fd9\u4e2a\u7248\u672c\u53ea\u80fd\u5b89\u88c5\u5728\u652f\u6301 GUI \u529f\u80fd\u7684 Linux \u7684\u7248\u672c\u4e2d\u3002<\/p>\n<\/blockquote>\n<pre>&amp;gt;&nbsp;yum&nbsp;-y&nbsp;install&nbsp;wireshark&nbsp;\/\/&nbsp;\u5b89\u88c5\u65e0\u56fe\u5f62\u5316\u7248\u672c&nbsp;&nbsp;\n&amp;gt;&nbsp;yum&nbsp;-y&nbsp;install&nbsp;wireshark-gnome&nbsp;\/\/&nbsp;\u5b89\u88c5\u56fe\u5f62\u5316\u7248\u672c<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236<br \/>\n<img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/ab8be8f3e6cc23dc391b5d11d1ecbf32-10.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe10\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe10\" \/><br \/>\n<img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/ab8be8f3e6cc23dc391b5d11d1ecbf32-11.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe11\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe11\" \/><br \/>\n<img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/ab8be8f3e6cc23dc391b5d11d1ecbf32-12.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe12\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe12\" \/>  <\/p>\n<blockquote style=\"max-width:90%\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\"><strong>\u6ce8<\/strong>:\u8fd9\u91cc\u7684\u901a\u8fc7 yum \u8fdb\u884c\u5b89\u88c5\uff0c\u9700\u8981\u63d0\u524d\u505a\u597d epel \u6e90\uff08\u5373\u7ea2\u5e3d\u64cd\u4f5c\u7cfb\u7edf\u989d\u5916\u62d3\u5c55\u5305\uff09\uff0c\u88c5\u4e0a\u4e86 EPEL \u4e4b\u540e\uff0c\u5c31\u76f8\u5f53\u4e8e\u6dfb\u52a0\u4e86\u4e00\u4e2a\u7b2c\u4e09\u65b9\u6e90\u3002\u5b98\u65b9\u7684 rpm repository \u63d0\u4f9b\u7684 rpm \u5305\u4e5f\u4e0d\u591f\u4e30\u5bcc\uff0c\u5f88\u591a\u65f6\u5019\u9700\u8981\u81ea\u5df1\u7f16\u8bd1\u90a3\u592a\u8f9b\u82e6\u4e86\uff0c\u800c EPEL \u53ef\u4ee5\u89e3\u51b3\u5b98\u65b9 yum \u6e90\u6570\u636e\u5305\u4e0d\u591f\u4e30\u5bcc\u7684\u60c5\u51b5\u3002<\/p>\n<\/blockquote>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\"><strong>\u5b89\u88c5epel\u6e90<\/strong><\/p>\n<pre>&amp;gt;&nbsp;&nbsp;yum&nbsp;-y&nbsp;install&nbsp;epel-release<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236<br \/>\n<img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/cc12442a07cf33637bd87c855978bd07-13.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe13\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe13\" \/>  <\/p>\n<h2>3\u3001tshark \u547d\u4ee4<\/h2>\n<pre>tshark&nbsp;\u662f&nbsp;wireshark&nbsp;\u7684\u547d\u4ee4\u884c\u5de5\u5177&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;tshark&nbsp;\u9009\u9879&nbsp;\u53c2\u6570&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;-i\uff1a\u6307\u5b9a\u6355\u83b7\u7684\u7f51\u5361\u63a5\u53e3\uff0c\u4e0d\u8bbe\u7f6e\u9ed8\u8ba4\u7b2c\u4e00\u4e2a\u975e\u73af\u56de\u53e3\u63a5\u53e3&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;-D\uff1a\u663e\u793a\u6240\u6709\u53ef\u7528\u7684\u7f51\u7edc\u63a5\u53e3\u5217\u8868&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;-f\uff1a\u6307\u5b9a\u6761\u4ef6\u8868\u8fbe\u5f0f\uff0c\u4e0e&nbsp;tcpdump&nbsp;\u76f8\u540c&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;-s\uff1a\u8bbe\u7f6e\u6bcf\u4e2a\u6293\u5305\u7684\u5927\u5c0f\uff0c\u9ed8\u8ba4&nbsp;65535\uff0c\u591a\u4e8e\u8fd9\u4e2a\u5927\u5c0f\u7684\u6570\u636e\u5c06\u4e0d\u4f1a\u4e0d\u4f1a\u88ab\u622a\u53d6\u3002&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;-c\uff1a\u6355\u83b7\u6307\u5b9a\u6570\u91cf\u7684\u6570\u636e\u5305\u540e\u9000\u51fa&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;-w\uff1a\u540e\u63a5\u6587\u4ef6\u540d\uff0c\u5c06\u6293\u5305\u7684\u7ed3\u679c\u8f93\u51fa\u5230.&nbsp;pcap&nbsp;\u6587\u4ef6\u4e2d\uff0c\u53ef\u4ee5\u501f\u52a9\u5176\u4ed6\u7f51\u7edc\u5206\u6790\u5de5\u5177\u8fdb\u884c\u5206&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\u6790\uff0c\u4e5f\u53ef\u4ee5\u4f7f\u7528\u91cd\u5b9a\u5411&nbsp;&amp;gt;&nbsp;\u628a\u89e3\u7801\u540e\u7684\u8f93\u51fa\u7ed3\u679c\u4ee5&nbsp;txt&nbsp;\u7684\u683c\u5f0f\u8f93\u51fa\u3002&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;-p\uff1a\u8bbe\u7f6e\u7f51\u7edc\u63a5\u53e3\u4ee5\u975e\u6df7\u5408\u6a21\u5f0f\u5de5\u4f5c\uff0c\u5373\u53ea\u5173\u5fc3\u548c\u672c\u673a\u6709\u5173\u7684\u6d41\u91cf&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;-r\uff1a\u540e\u63a5\u6587\u4ef6\u8def\u5f84\uff0c\u7528\u4e8e\u5206\u6790\u4fdd\u6301\u597d\u7684\u7f51\u7edc\u5305\u6587\u4ef6\uff0c\u6bd4\u5982&nbsp;tcpdump&nbsp;\u7684\u8f93\u51fa\u6587\u4ef6&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;-n\uff1a\u7981\u6b62\u6240\u6709\u5730\u5740\u540d\u5b57\u89e3\u6790\uff0c\u5373\u7981\u6b62\u57df\u540d\u89e3\u6790,&nbsp;\u9ed8\u8ba4\u662f\u5141\u8bb8\u6240\u6709&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;-N\uff1a\u6307\u5b9a\u5bf9\u67d0\u4e00\u5c42\u7684\u5730\u5740\u540d\u5b57\u89e3\u6790\uff0c\u5982\u679c&nbsp;-&nbsp;n&nbsp;\u548c&nbsp;-&nbsp;N&nbsp;\u540c\u65f6\u5b58\u5728\uff0c\u5219&nbsp;-&nbsp;n&nbsp;\u5c06\u88ab\u5ffd\u7565\uff0c\u5982\u679c\u4e24\u8005\u90fd\u4e0d\u5199\uff0c\u5219\u4f1a\u9ed8\u8ba4\u6253\u5f00\u6240\u6709\u5730\u5740\u540d\u5b57\u89e3\u6790&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;m\uff1a\u4ee3\u8868\u6570\u636e\u94fe\u8def\u5c42&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;n\uff1a\u4ee3\u8868\u7f51\u7edc\u5c42&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;t\uff1a\u4ee3\u8868\u4f20\u8f93\u5c42&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;-V\uff1a\u8bbe\u7f6e\u5c06\u89e3\u7801\u7ed3\u679c\u7684\u7ec6\u8282\u8f93\u51fa\uff0c\u5426\u5219\u89e3\u7801\u7ed3\u679c\u4ec5\u663e\u793a\u4e00\u4e2a&nbsp;packet&nbsp;\u4e00\u884c\u7684&nbsp;summary&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;-t\uff1a\u8bbe\u7f6e\u7ed3\u679c\u7684\u65f6\u95f4\u683c\u5f0f&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ad\uff1a\u8868\u793a\u5e26\u65e5\u671f\u7684\u7edd\u5bf9\u65f6\u95f4&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;a\uff1a\u8868\u793a\u4e0d\u5e26\u65e5\u671f\u7684\u7edd\u5bf9\u65f6\u95f4&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;r\uff1a\u8868\u793a\u4ece\u7b2c\u4e00\u4e2a\u5305\u5230\u73b0\u5728\u7684\u76f8\u5bf9\u65f6\u95f4&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;d\uff1a\u8868\u793a\u4e24\u4e2a\u76f8\u90bb\u5305\u4e4b\u95f4\u7684\u589e\u91cf\u65f6\u95f4<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236    <\/p>\n<pre>tshark&nbsp;-f&nbsp;\"icmp\"&nbsp;-i&nbsp;ens33&nbsp;-V&nbsp;-c&nbsp;1<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\u8fc7\u6ee4 icmp \u62a5\u6587\uff0c\u5e76\u5c55\u5f00\u8be6\u7ec6\u4fe1\u606f\u3002\u53e6\u5916\uff0c\u641c\u7d22\u516c\u4f17\u53f7\u7f16\u7a0b\u6280\u672f\u5708\u540e\u53f0\u56de\u590d\u201c1024\u201d\uff0c\u83b7\u53d6\u4e00\u4efd\u60ca\u559c\u793c\u5305\u3002<\/p>\n<pre>tshark&nbsp;-f&nbsp;\"arp\"&nbsp;-i&nbsp;ens33<\/pre>\n<p>  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">\u8fc7\u6ee4 arp \u62a5\u6587<\/p>\n<\/blockquote>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/cc12442a07cf33637bd87c855978bd07-14.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe14\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe14\" \/><br \/>\n<img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/cc12442a07cf33637bd87c855978bd07-15.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe15\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe15\" \/>  <\/p>\n<h2>4\u3001\u56fe\u5f62\u5316\u754c\u9762<\/h2>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/373da91ec6d2e913c4bad4fa9d4083e1-16.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe16\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe16\" \/><br \/>\n<img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/373da91ec6d2e913c4bad4fa9d4083e1-17.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe17\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe17\" \/>  <\/p>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/373da91ec6d2e913c4bad4fa9d4083e1-18.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe18\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe18\" \/><\/p>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">&nbsp;<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/31f13ef1641b37836b3d7f12b5ff376f-19.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe19\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe19\" \/><\/p>\n<h3>\u4e09\u3001Tcpdump \u548c wireshark \u5408\u7528<\/h3>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">Tcpdump \u89e3\u6790\u62a5\u6587\u4fe1\u606f\u6ca1\u6709 wireshark \u8be6\u7ec6\uff0c\u6240\u4ee5\u53ef\u4ee5\u901a\u8fc7 Tcpdump \u6355\u83b7\u6570\u636e\u5e76\u8f93\u51fa\uff0c\u518d\u901a\u8fc7 wireshark \u8fdb\u884c\u89e3\u6790\uff0c\u8f93\u51fa\u6587\u4ef6\u683c\u5f0f\u4e3a. pcap&nbsp; \u6216\u8005\u5176\u4ed6<\/p>\n<\/blockquote>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/31f13ef1641b37836b3d7f12b5ff376f-20.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe20\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe20\" \/>  <\/p>\n<p style=\"max-width:90%\">\u5728\u865a\u62df\u673a\u4e0a\u901a\u8fc7 wireshark \u8bfb\u53d6<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/a3184a07f74da782dde24fe45df66dc8-21.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe21\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe21\" \/>  <\/p>\n<p style=\"max-width:90%\">\u4f7f\u7528 ip.addr == [ip \u5730\u5740\u53f7] \u53ef\u4ee5\u8fc7\u6ee4\u6389\u65e0\u5173 ip<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/a3184a07f74da782dde24fe45df66dc8-22.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe22\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe22\" \/><\/p>\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">&nbsp;&nbsp;\u56fe\u5f62\u8bfb\u53d6<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/001\/275\/013\/274cdb6bcccbfba7d109e066c14fc2b6-23.png\" class=\"aligncenter\" title=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe23\" alt=\"Linux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u63d2\u56fe23\" \/>  <\/p>\n<p style=\"max-width:90%\">\u7528 wireshark \u76f4\u63a5\u6253\u5f00\u67e5\u770b<\/p>\n<h1>\u603b\u7ed3<\/h1>\n<blockquote style=\"margin-top: 20px;margin-bottom: 20px;padding: 10px 10px 10px 1em;border-left-width: 2px;font-size: 0.9em;letter-spacing: 0.544px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light,\">\n<p style=\"margin-bottom: 16px;padding-top: 8px;padding-bottom: 8px;font-size: 16px;text-align: justify;color: black;line-height: 1.75em\">tcpdump \u548c wireshark \u4e24\u79cd\u5355\u4ee5\u6293\u5305\u7684\u529f\u80fd\u6765\u770b\uff0c\u662f\u76f8\u4f3c\u7684\uff0c\u4e24\u8005\u7684\u547d\u4ee4\u884c\u7684\u9009\u9879\u4e5f\u662f\u6709\u76f8\u540c\uff0c\u4f46\u662f tcpdump \u5bf9\u6570\u636e\u5305\u5206\u6790\u7684\u80fd\u529b\u4e0d\u662f\u5f88\u597d\uff0c\u540c\u65f6\u76ee\u524d\u5f88\u591a Linux \u5185\u7f6e\u5b89\u88c5\u4e86 tcpdump \u8fd9\u4e2a\u5de5\u5177\uff0c\u6240\u4ee5\u6211\u4eec\u53ef\u4ee5\u901a\u8fc7 tcpdump \u628a\u6570\u636e\u5305\u6293\u51fa\u5e76\u5b58\u653e\u5230\u6211\u4eec\u81ea\u5b9a\u4e49\u7684\u6587\u4ef6(.pcap)\u4e2d\uff0c\u518d\u901a\u8fc7\u628a\u6587\u4ef6\u53d6\u51fa\u7528 wireshark \u8fdb\u884c\u5206\u6790\u6392\u969c<\/p>\n<\/blockquote>\n<p><strong><span style=\"font-family: mp-quote, -apple-system-font, BlinkMacSystemFont,\"><strong><span style=\"letter-spacing: 1px\"><em><\/em><\/span><\/strong><\/span><\/strong>  <\/p>\n<p>\u4ee5\u4e0a\u5c31\u662fLinux \u7f51\u7edc\u6293\u5305\u5206\u6790\u5de5\u5177\u7684\u8be6\u7ec6\u5185\u5bb9\uff0c\u66f4\u591a\u8bf7\u5173\u6ce8FDCServers\u5176\u5b83\u76f8\u5173\u6587\u7ae0\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u4e00\u3001tcpdump 1\u3001\u4f5c\u7528 tcpdump \u6307\u4ee4\u53ef\u5217\u51fa\u7ecf\u8fc7\u6307\u5b9a\u7f51\u7edc\u754c\u9762\u7684\u6570\u636e\u5305\u6587\u4ef6\u5934\uff0c\u53ef\u4ee5\u5c06\u7f51\u7edc\u4e2d\u4f20\u9001\u7684\u6570\u636e\u5305\u7684 \u201c\u5934\u201d \u5b8c\u5168\u622a\u83b7\u4e0b\u6765\u63d0\u4f9b\u5206\u6790\u3002\u5b83\u652f\u6301\u9488\u5bf9\u7f51\u7edc\u5c42\u3001\u534f\u8bae\u3001\u4e3b\u673a\u3001\u7f51\u7edc\u6216\u7aef\u53e3\u7684\u8fc7\u6ee4\uff0c\u5e76\u63d0\u4f9b and\u3001or\u3001not \u7b49\u903b\u8f91\u8bed\u53e5\u6765\u5e2e\u52a9\u4f60\u6458\u53d6\u6709\u7528\u4fe1\u606f\u3002 \u7531\u4e8e\u5b83\u9700\u8981\u5c06\u7f51\u7edc\u63a5\u53e3\u8bbe\u7f6e\u4e3a\u6df7\u6742\u6a21\u5f0f\uff0c\u666e\u901a\u7528\u6237\u4e0d\u80fd\u6b63\u5e38\u6267\u884c\uff0c\u4f46\u5177\u5907 root \u6743\u9650\u7684\u7528\u6237\u53ef\u4ee5\u76f4\u63a5\u6267\u884c\u5b83\u6765\u83b7\u53d6\u7f51\u7edc\u4e0a\u7684\u4fe1\u606f \u5176\u4ed6\u6293\u5305\u5de5\u5177 wireshark\u5177\u6709\u56fe\u5f62\u5316\u548c\u547d\u4ee4\u884c\u4e24\u79cd\u7248\u672c\uff0c\u53ef\u4ee5\u5bf9 tcpdump \u6293\u7684\u5305\u8fdb\u884c\u5206\u6790\uff0c\u5176\u4e3b\u8981\u529f\u80fd\u5c31\u662f\u5206\u6790\u6570\u636e\u5305\u3002 ngrep\u5b83\u5c06\u6293\u5230\u7684\u5305\u6570\u636e\u4ee5\u6587\u672c\u5f62\u5f0f\u76f4\u63a5\u663e\u793a\u51fa\u6765\uff0c\u9002\u7528\u4e8e\u5305\u6570\u636e\u5305\u542b\u6587\u672c\u7684[\u6293\u5305]\u5206\u6790 (\u5982 HTTP\u3001MySQL) 2\u3001\u547d\u4ee4\u9009\u9879 tcpdump [\u9009\u9879] [\u534f\u8bae] [\u6570\u636e\u6d41\u65b9\u5411] [\u8303\u56f4] -a \u5c06\u7f51\u7edc\u5730\u5740\u548c\u5e7f\u64ad\u5730\u5740\u8f6c\u53d8\u6210\u540d\u5b57 -A \u4ee5 ASCII \u683c\u5f0f\u6253\u5370\u51fa\u6240\u6709\u5206\u7ec4\uff0c\u5e76\u5c06\u94fe\u8def\u5c42\u7684\u5934\u6700\u5c0f\u5316 -b \u6570\u636e\u94fe\u8def\u5c42\u4e0a\u9009\u62e9\u534f\u8bae\uff0c\u5305\u62ec ip\/arp\/rarp\/ipx \u90fd\u5728\u8fd9\u4e00\u5c42 -c \u6307\u5b9a\u6536\u53d6\u6570\u636e\u5305\u7684\u6b21\u6570\uff0c\u5373\u5728\u6536\u5230\u6307\u5b9a\u6570\u91cf\u7684\u6570\u636e\u5305\u540e\u9000\u51fa tcpdump -d \u5c06\u5339\u914d\u4fe1\u606f\u5305\u7684\u4ee3\u7801\u4ee5\u4eba\u4eec\u80fd\u591f\u7406\u89e3\u7684\u6c47\u7f16\u683c\u5f0f\u8f93\u51fa -dd &nbsp;\u5c06\u5339\u914d\u4fe1\u606f\u5305\u7684\u4ee3\u7801\u4ee5 c \u8bed\u8a00\u7a0b\u5e8f\u6bb5\u7684\u683c\u5f0f\u8f93\u51fa -ddd \u5c06\u5339\u914d\u4fe1\u606f\u5305\u7684\u4ee3\u7801\u4ee5\u5341\u8fdb\u5236\u7684\u5f62\u5f0f\u8f93\u51fa -D \u6253\u5370\u7cfb\u7edf\u4e2d\u6240\u6709\u53ef\u4ee5\u76d1\u63a7\u7684\u7f51\u7edc\u63a5\u53e3 -e \u5728\u8f93\u51fa\u884c\u6253\u5370\u51fa\u6570\u636e\u94fe\u8def\u5c42\u7684\u5934\u90e8\u4fe1\u606f -f \u5c06\u5916\u90e8\u7684 Internet \u5730\u5740\u4ee5\u6570\u5b57\u7684\u5f62\u5f0f\u6253\u5370\u51fa\u6765\uff0c\u5373\u4e0d\u663e\u793a\u4e3b\u673a\u540d -F \u4ece\u6307\u5b9a\u7684\u6587\u4ef6\u4e2d\u8bfb\u53d6\u8868\u8fbe\u5f0f\uff0c\u5ffd\u7565\u5176\u4ed6\u7684\u8868\u8fbe\u5f0f [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":["post-62067","post","type-post","status-publish","format-standard","hentry","category-os"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/62067","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=62067"}],"version-history":[{"count":0,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/62067\/revisions"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=62067"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=62067"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=62067"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}