将设为首页浏览此站
开启辅助访问 天气与日历 收藏本站联系我们切换到窄版

易陆发现论坛

 找回密码
 开始注册
易陆发现论坛»操作系统区 操作系统区 应用网络 Linux操作系统虚拟网络 tcpdump 抓包
查看: 6233|回复: 7
收起左侧

tcpdump 抓包

[复制链接]
admin
发表于 2018-12-12 20:02:59 | 显示全部楼层 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有帐号?开始注册

x
sudo tcpdump -i bond1.104 -v -vv -t   + w( E6 v/ Y  }6 ]1 ~( H6 H

5 W* r' L- S- O$ N- Q! H  y3 _/ P. q! S2 d
sudo tcpdump -i ens1f0 -vv -w /tmp/ens1f0.cap     抓包写如文件中
! {& q* A7 F! D4 V# L
点评回复

使用道具 举报

admin
 楼主| 发表于 2018-12-13 15:01:49 | 显示全部楼层
sudo tcpdump -i bond1.104 -vvv -t
2 w% t# M8 v% g4 }; G; e5 |" Ctcpdump: WARNING: bond1.104: no IPv4 address assigned2 X* D) O  N' a0 b
tcpdump: listening on bond1.104, link-type EN10MB (Ethernet), capture size 65535 bytes+ W9 \2 N, d0 E7 K8 U& L
IP (tos 0x0, ttl 64, id 18437, offset 0, flags [DF], proto ICMP (1), length 84)
: |5 B! C" A! t) w    CD--6 > 10.64.35.100: ICMP echo request, id 7024, seq 437, length 64
3 u) q9 U1 `6 A) c9 u$ AIP (tos 0x0, ttl 64, id 18437, offset 0, flags [DF], proto ICMP (1), length 84)
7 [: B' ~3 N6 \* {& `# i4 Y4 T& z    10.4.5.100 > CD--6: ICMP echo reply, id 7024, seq 437, length 64/ m8 d' c% I5 |8 B$ F1 h0 p
IP (tos 0x0, ttl 64, id 18696, offset 0, flags [DF], proto ICMP (1), length 84)
- y* e4 U4 a$ ^, |* _5 M    CD--6 > 10.4.5.100: ICMP echo request, id 7024, seq 438, length 641 ~! X  M- T9 V6 K" N- d3 s3 R- W- t
IP (tos 0x0, ttl 64, id 18696, offset 0, flags [DF], proto ICMP (1), length 84)! s+ P& y% X- o6 s4 T1 b/ U
    10.4.5.100 > CD--6: ICMP echo reply, id 7024, seq 438, length 64' d* O# b2 e% K: p$ J# G# [
IP (tos 0x0, ttl 64, id 18958, offset 0, flags [DF], proto ICMP (1), length 84)
  V0 C. r7 b! l# X    CD--6 > 10.4.5.100: ICMP echo request, id 7024, seq 439, length 645 g  P, ~3 H- X& T4 i' m* f5 @
IP (tos 0x0, ttl 64, id 18958, offset 0, flags [DF], proto ICMP (1), length 84)
7 g, ^0 k+ B* ^7 H    10.4.5.100 > CD--6: ICMP echo reply, id 7024, seq 439, length 64! H& U2 w2 m, d
IP (tos 0x0, ttl 64, id 19338, offset 0, flags [DF], proto ICMP (1), length 84)5 m- w6 U! Y# t
    CD--6 > 10.64.35.100: ICMP echo request, id 7024, seq 440, length 64
, c; h! ?- k$ k5 C( p* DIP (tos 0x0, ttl 64, id 19338, offset 0, flags [DF], proto ICMP (1), length 84)
( |) ?+ u% N% ]# K; _4 p) F6 k    10.4.5.100 > CD--6: ICMP echo reply, id 7024, seq 440, length 64
点评回复 支持 反对

使用道具 举报

admin01
发表于 2018-12-14 18:13:01 | 显示全部楼层
sudo tcpdump -i bond1 -vv -e icmp  抓取ICMP包。
点评回复 支持 反对

使用道具 举报

1320503165
发表于 2018-12-14 18:15:28 | 显示全部楼层
sudo  tcpdump -i vnet7 -vv -e icmp   抓取vnet7子接口地址
点评回复 支持 反对

使用道具 举报

admin
 楼主| 发表于 2018-12-24 16:20:40 | 显示全部楼层
sudo tcpdump -i bond1 -vv icmp  ' [/ I& E6 d4 K% t" q$ [" P# X  G6 y
tcpdump: WARNING: bond1: no IPv4 address assigned
0 E# Z" S) t; r1 gtcpdump: listening on bond1, link-type EN10MB (Ethernet), capture size 65535 bytes, ~' W5 r9 o- @- I
16:16:57.141135 IP (tos 0x0, ttl 62, id 52282, offset 0, flags [DF], proto ICMP (1), length 84). Z& h9 q- g- h6 H0 ~: q% G' A
    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1157, length 64
1 Q7 z: M, n+ h( n. B/ A16:16:58.141200 IP (tos 0x0, ttl 62, id 52414, offset 0, flags [DF], proto ICMP (1), length 84)% P  q4 f' d) \. M- E5 v9 c
    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1158, length 64
; c) C# d+ m2 \' n& E. u16:16:59.141214 IP (tos 0x0, ttl 62, id 53243, offset 0, flags [DF], proto ICMP (1), length 84); j, P* l$ w- d  M0 X$ @
    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1159, length 64" Y& C" y" h: n, a
16:17:00.141085 IP (tos 0x0, ttl 62, id 53622, offset 0, flags [DF], proto ICMP (1), length 84)
$ z0 `5 v; M9 b2 F/ e) M    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1160, length 64
点评回复 支持 反对

使用道具 举报

admin
 楼主| 发表于 2018-12-24 16:22:16 | 显示全部楼层
sudo tcpdump -i bond1 -vv -e icmp  
" o5 ~8 D5 b1 g6 Z$ X9 Btcpdump: WARNING: bond1: no IPv4 address assigned
' l, I( N' f& P* Stcpdump: listening on bond1, link-type EN10MB (Ethernet), capture size 65535 bytes7 Z! Y: g; w! S: T" O
16:21:23.140673 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 47732, offset 0, flags [DF], proto ICMP (1), length 84)
3 h; u1 r6 ?5 ]2 S# s, x9 Z7 S6 K/ J) y# N2 B) {% F

# o1 i% l! X/ B7 M, u9 J) z% f5 {
( n3 Z+ v1 G0 ?: F5 N    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1423, length 64  M. e  |0 E% w# l9 x9 @+ x
16:21:24.140663 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 47779, offset 0, flags [DF], proto ICMP (1), length 84)! n( z, ]! o" t9 I
    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1424, length 645 ]' [- {  v$ G/ w' u+ `; b* H5 c
16:21:25.140651 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 48122, offset 0, flags [DF], proto ICMP (1), length 84)9 \" C" @# A) Q4 J, H3 h5 f4 c6 @
    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1425, length 64" u3 x3 }2 }) P' ]  z
16:21:26.140629 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 48938, offset 0, flags [DF], proto ICMP (1), length 84)& y2 m; d, r- _4 ~; H# J
    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1426, length 64! e" O, j* c1 j( w/ `, H7 |
16:21:27.140613 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 49679, offset 0, flags [DF], proto ICMP (1), length 84)
5 C- _- B' ?( E  C    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1427, length 64
  z( o6 P5 N# [+ p8 ~! f3 `16:21:28.140616 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 50377, offset 0, flags [DF], proto ICMP (1), length 84)' f1 I; u: d) c
    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1428, length 64* V' o6 R6 c8 n- |& F: }
16:21:29.140633 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 50603, offset 0, flags [DF], proto ICMP (1), length 84)
. z# ~( a$ E+ J6 c+ U    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1429, length 647 @, P% M5 {; U
16:21:30.140614 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 51285, offset 0, flags [DF], proto ICMP (1), length 84)
点评回复 支持 反对

使用道具 举报

admin
 楼主| 发表于 2018-12-24 16:22:34 | 显示全部楼层
sudo tcpdump -i bond1 -vvv -e icmp  
; _$ J3 t# {! dtcpdump: WARNING: bond1: no IPv4 address assigned
9 \" ~) d8 Q, @tcpdump: listening on bond1, link-type EN10MB (Ethernet), capture size 65535 bytes' X4 ~/ b% a) Q8 u0 Z5 z
16:22:01.140593 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 1576, offset 0, flags [DF], proto ICMP (1), length 84)" p& X2 k5 s+ f, X+ Q. u
    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1461, length 64
  n  F: `: }5 E/ a3 |% {16:22:02.140601 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 1841, offset 0, flags [DF], proto ICMP (1), length 84)% e! f# S7 H. A$ m, ~
    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1462, length 64
/ y5 A/ E7 g0 c3 x& N16:22:03.140606 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 2688, offset 0, flags [DF], proto ICMP (1), length 84)
4 w" A' V7 ^3 h/ f1 @- S2 H! T    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1463, length 64
3 `/ C, f8 o7 D) @( u16:22:04.140584 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 3273, offset 0, flags [DF], proto ICMP (1), length 84)1 V; G* ]6 O2 S9 \
    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1464, length 64
' ~, l- V& N  ?) I16:22:05.140544 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 3297, offset 0, flags [DF], proto ICMP (1), length 84)! U% B% [# _# w  X1 @/ J- x
    10.32.69.236 > 43.240.248.70: ICMP echo request, id 16362, seq 1465, length 64: M$ |) t: t' E8 P/ X. t
16:22:06.140605 00:0e:1e:b3:98:20 (oui Unknown) > 00:00:5e:00:01:65 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 205, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 3547, offset 0, flags [DF], proto ICMP (1), length 84)
点评回复 支持 反对

使用道具 举报

admin
 楼主| 发表于 2018-12-24 18:49:19 | 显示全部楼层
sudo tcpdump  -i  tapa72cc152-ce -w 43.240.248.70.cap
点评回复 支持 反对

使用道具 举报

返回列表 发新帖 回复
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 开始注册

本版积分规则

关闭

站长推荐上一条 /4 下一条

如有购买积分卡请联系497906712

QQ|返回首页|Archiver|手机版|小黑屋|易陆发现 点击这里给我发消息

GMT+8, 2023-2-3 01:57 , Processed in 0.188318 second(s), 21 queries .

Powered by LR.LINUX.cloud bbs168x X3.2 Licensed

© 2012-2022 Comsenz Inc.

快速回复 返回顶部 返回列表