Capturing packets on a specific network interface with tcpdump

tcpdump -n -i eth0

The -n option disables reverse DNS lookups.

Output of the capture on eth0:

tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:34:09.195602 IP 192.168.31.93.54321 > 120.92.96.242.8053: UDP, length 32
13:34:09.634168 IP 192.168.31.49.4321 > 224.0.0.50.9898: UDP, length 136
13:34:10.967502 IP 192.168.31.85.49856 > 61.129.6.102.443: Flags [P.], seq 1031891056:1031891388, ack 160831591, win 8192, length 332
13:34:11.115455 IP 192.168.31.85.49856 > 61.129.6.102.443: Flags [P.], seq 0:332, ack 1, win 8192, length 332
13:34:11.267522 IP 192.168.31.85.49856 > 61.129.6.102.443: Flags [P.], seq 0:332, ack 1, win 8192, length 332
13:34:11.381302 IP 192.168.31.75.45620 > 27.109.124.37.8053: UDP, length 128
13:34:11.665873 IP 192.168.31.85.49856 > 61.129.6.102.443: Flags [P.], seq 0:332, ack 1, win 8192, length 332
13:34:12.258944 IP 192.168.31.85.49856 > 61.129.6.102.443: Flags [P.], seq 0:332, ack 1, win 8192, length 332
13:34:12.695807 IP 192.168.31.70.59698 > 120.77.237.241.10001: UDP, length 288
13:34:12.695897 IP 192.168.31.70.59698 > 120.92.209.226.10001: UDP, length 288
13:34:12.695955 IP 192.168.31.70.59698 > 52.221.145.199.10001: UDP, length 288
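
To triage a capture like the one above, the following added example (not part of the original page) parses `tcpdump -n` text output, totals payload bytes per flow, and reports TCP segments that appear more than once, as the 192.168.31.85 > 61.129.6.102.443 lines do. The names `SAMPLE`, `parse` and `summarize` are illustrative, and the code assumes the capture was taken without `-S`, so only the first packet seen for a flow carries absolute sequence numbers.

```python
import re
from collections import Counter

# Constructed sample: one banner line plus packet lines copied from the capture above.
SAMPLE = """\
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
13:34:09.195602 IP 192.168.31.93.54321 > 120.92.96.242.8053: UDP, length 32
13:34:10.967502 IP 192.168.31.85.49856 > 61.129.6.102.443: Flags [P.], seq 1031891056:1031891388, ack 160831591, win 8192, length 332
13:34:11.115455 IP 192.168.31.85.49856 > 61.129.6.102.443: Flags [P.], seq 0:332, ack 1, win 8192, length 332
13:34:11.267522 IP 192.168.31.85.49856 > 61.129.6.102.443: Flags [P.], seq 0:332, ack 1, win 8192, length 332
13:34:12.695807 IP 192.168.31.70.59698 > 120.77.237.241.10001: UDP, length 288
"""

# With -n, each endpoint prints as a dotted-quad address followed by ".port".
LINE = re.compile(
    r"^\d\d:\d\d:\d\d\.\d+ IP (\d+(?:\.\d+){3})\.(\d+) > "
    r"(\d+(?:\.\d+){3})\.(\d+): (.*)$")
SEQ = re.compile(r"\bseq (\d+):(\d+)")
LENGTH = re.compile(r"\blength (\d+)")

def parse(line):
    """Return (flow, proto, seq_range, length), or None for non-packet lines."""
    m = LINE.match(line.strip())
    if not m:
        return None  # banners, warnings, non-IPv4 traffic
    src, sport, dst, dport, rest = m.groups()
    proto = "UDP" if rest.startswith("UDP") else "TCP" if rest.startswith("Flags") else "other"
    seq, length = SEQ.search(rest), LENGTH.search(rest)
    return ((src, int(sport), dst, int(dport)), proto,
            (int(seq[1]), int(seq[2])) if seq else None,
            int(length[1]) if length else 0)

def summarize(text):
    """Per-flow payload bytes, plus TCP data segments seen more than once."""
    sent, segments, seen = Counter(), Counter(), set()
    for flow, proto, seq, length in filter(None, map(parse, text.splitlines())):
        sent[flow] += length
        if proto == "TCP":
            # Assumption: no -S, so the first packet seen for a flow is printed
            # with absolute sequence numbers; rebase it to match later lines.
            if seq and flow not in seen:
                seq = (0, seq[1] - seq[0])
            seen.add(flow)
            if seq and length:
                segments[(flow, seq)] += 1
    return sent, {k: n for k, n in segments.items() if n > 1}
```

Calling `summarize()` on saved capture text returns the byte counter and a dictionary of repeated segments keyed by flow and relative sequence range; a flow that keeps resending the same range without progress is worth checking for packet loss or a filtered return path.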