°Ô½Ã¹° 260°Ç
   
[RHEL6.3] tcpdump »ç¿ë¹ý
±Û¾´ÀÌ : theko ³¯Â¥ : 2014-11-11 (È­) 10:50 Á¶È¸ : 4094

@tcpdump »ç¿ë¹ý

 

tcpdump --help

tcpdump version 4.1-PRE-CVS_2012_03_26

libpcap version 1.4.0

Usage: tcpdump [-aAdDefIKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]

                [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]

                [ -i interface ] [ -M secret ] [ -r file ]

                [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ]

                [ -y datalinktype ] [ -z command ] [ -Z user ]

                [ expression ]

 

>> °¢ ¿É¼Ç¿¡ ´ëÇÑ ³»¿ëÀ̸ç ÀÚ¼¼ÇÑ ¼³¸íÀº "man tcpdump" ¿¡¼­ È®ÀÎÀÌ °¡´É ÇÕ´Ï´Ù.

 

example

 

#tcpdump -vvv

>> ¸ðµç ÀÎÅÍÆäÀ̽º¿¡ ´ëÇÏ¿© more verbose ¸ðµå·Î console ¿¡ Ãâ·Â

 

#tcpdump -vvv > /tmp/tcpdump.txt

>> ¸ðµç ÀÎÅÍÆäÀ̽º¿¡ ´ëÇÏ¿© more verbose ¸ðµå·Î ¹ß»ýµÇ´Â ³»¿ë¿¡ ´ëÇÏ¿© ">" ¸®´ÙÀÌ·ºÆ®·Î

>> /tmp/tcpdump.txt ¿¡ ±â·Ï

 

#tcpdump -i bond0  -vvv

>> bond0 ÀÎÅÍÆäÀ̽º¿¡ ´ëÇÏ¿© more verbose ¸ðµå·Î console ¿¡ Ãâ·Â

 

#tcpdump -i bond0 -vvv > /tmp/tcpdump.txt

>> bond0 ÀÎÅÍÆäÀ̽º¿¡ ´ëÇÏ¿© more verbose ¸ðµå·Î ¹ß»ýµÇ´Â ³»¿ë¿¡ ´ëÇÏ¿© ">" ¸®´ÙÀÌ·ºÆ®·Î

>> /tmp/tcpdump.txt ¿¡ ±â·Ï

 

#tcpdump -i bond0 -vvv -w /tmp/tcpdump2

>> ÇØ´ç ÆÄÀÏÀ» binary ÇüÅÂÀÇ ÆÄÀÏ·Î ±â·Ï, ÇØ´ç ÆÄÀÏÀ» È®ÀÎÇϱâ À§Çؼ­´Â " tcpdump -r /tmp/tcpdump2

>> or tcpdump -Xqnr /tmp/tcpdump2 " ·Î È®ÀÎ °¡´É

 

verbose ¸ðµå´Â »óȲ¿¡ ¸Â°Ô "none , -v , -vv , -vvv " À» ¼±ÅÃÇÏ¿© »ç¿ë ÇϽñ⠹ٶø´Ï´Ù.

 

°ü·Ã ³»¿ë ÷ºÎ:

 

       -v     When parsing and printing, produce (slightly more) verbose output.  For example, the time to live, identification, total length and options in  an  IP  packet

              are printed.  Also enables additional packet integrity checks such as verifying the IP and ICMP header checksum.

 

              When writing to a file with the -w option, report, every 10 seconds, the number of packets captured.

 

       -vv    Even more verbose output.  For example, additional fields are printed from NFS reply packets, and SMB packets are fully decoded.

 

       -vvv   Even more verbose output.  For example, telnet SB ... SE options are printed in full.  With -X Telnet options are printed in hex as well

theko 2014-11-11 (È­) 10:51

tcpdump -i eth0 -C 1 -w /tmp/tcp.txt

¾Æ·¡¿Í °°ÀÌ ÇØ´çÆ÷Æ®(-i eth0) ¿¡¼­ 1MB(-C 1) ÆÄÀÏ(/tmp/tcp.txt)·Î tcpdump¸¦ »ç¿ëÇÒ¼ö ÀÖ½À´Ï´Ù

À̸§ Æнº¿öµå
ºñ¹Ð±Û (üũÇÏ¸é ±Û¾´À̸¸ ³»¿ëÀ» È®ÀÎÇÒ ¼ö ÀÖ½À´Ï´Ù.)
¿ÞÂÊÀÇ ±ÛÀÚ¸¦ ÀÔ·ÂÇϼ¼¿ä.
   

miwit.com sir.co.kr DNS Powered by DNSEver.com DNS Powered by DNSEver.com