Check whether the loopback network interface is working properly


Linux command: sudo tcpdump -i lo -nv ip
wqxp 2018-05-14 23:24:48

Related recommendations

Linux command: tcpdump -nnvvXSs 1514 -i <device> <filters>

At some point you want to know what packets are flowing on your network. Use tcpdump for this. The man page is obtuse, to say the least, so here are some simple commands to get you started. -n means show IP numbers and do not try to translate them to names. -l means write a line as soon as it is ready. -i eth0 means trace the packets flowing through the first Ethernet interface. src or dst w.x.y.z traces only packets going to or from IP address w.x.y.z. port 80 traces only packets for HTTP. proto udp traces only packets for the UDP protocol. Once you are happy with each option, combine them with 'and', 'or' and 'not' to get the effect you want.

Linux command: tcpdump -nli eth0; tcpdump -nli eth0 src or dst w.x.y.z; tcpdump -nli eth0 port 80; tcpdump -nli eth0 proto udp

This gives you a lot of useful Cisco network information, such as VLAN tag, port and switch information.

Linux command: tcpdump -nn -v -i eth0 -s 1500 -c 1 'ether[20:2] == 0x2000'

Linux command: tcpdump -n -v tcp or udp or icmp and not port 22

Sniff traffic on port 80, only the first 1500 bytes

Linux command: tcpdump -ieth0 -n tcp port 80 -A -s1500

Then hit ^C to stop, fetch the file with scp, and you can now use wireshark like this: wireshark /tmp/sniff.pcap. If tshark is available on the remote host, you can use: wireshark -k -i <(ssh -l root <REMOTE HOST> tshark -w - not tcp port 22). The last snippet comes from http://wiki.wireshark.org/CaptureSetup/Pipes

Linux command: tcpdump -v -i <INTERFACE> -s 0 -w /tmp/sniff.pcap port <PORT> # On the remote side

Linux command: tcpdump -i any -n 'tcp[13] == 2'

Linux command: tcpdump -i eth0 port 80 -w -

This command is useful for monitoring the use of the box and its connection IPs. The result file "sniff" can be read with the GUI program "wireshark" or from the CLI with the command: tcpdump -r "sniff" -XX

Linux command: tcpdump -i eth0 "tcp port pop3 and ip[40] = 85 and ip[41] = 83" -s 1500 -n -w "sniff"

The tcpdump arguments are just an example.

Linux command: tcpdump -w "$(sed 's/-//gi; s/ /_/gi'<<<"-vvv -s0 -ieth1 -c10 icmp").pcap"

We can get useful statistics from tcpdump with this simple command. Thanks to "Babak Farrokhi" for teaching me this ;)

Linux command: tcpdump -nr capture.file | awk '{print }' | grep -oE '[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}' | sort | uniq -c | sort -n
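A variant of the per-address tally above, added here as an example (it is not part of the original page): it parses only the source field of `tcpdump -n` text output, so timestamps, destination addresses, ARP and IPv6 lines are not counted. The function names and the sample lines are constructed for illustration, and the parser assumes tcpdump was run with -n and its default timestamps.

```shell
#!/bin/sh
# Constructed sample of `tcpdump -n` text output (not from a real network).
sample_capture() {
    cat <<'EOF'
23:24:48.100001 IP 192.168.9.56.51234 > 10.0.0.5.80: Flags [S], seq 100, win 64240, length 0
23:24:48.100002 IP 192.168.9.56.51235 > 10.0.0.5.80: Flags [S], seq 200, win 64240, length 0
23:24:48.100003 IP 10.0.0.5.80 > 192.168.9.56.51234: Flags [S.], seq 300, ack 101, win 65160, length 0
23:24:48.100004 IP 192.168.9.56 > 10.0.0.5: ICMP echo request, id 7, seq 1, length 64
23:24:48.100005 ARP, Request who-has 10.0.0.1 tell 10.0.0.5, length 28
23:24:48.100006 IP6 fe80::1.5353 > ff02::fb.5353: 0 PTR (QM)? _ipp._tcp.local. (32)
EOF
}

# count_sources [MIN]: read `tcpdump -n` text on stdin and print
# "<packets> <source IPv4>" for every source seen at least MIN times
# (default 1), busiest source first.
count_sources() {
    awk -v min="${1:-1}" '
        # IPv4 packet lines look like: <time> IP <src> > <dst>: ...
        # ARP and IP6 lines fail this test and are skipped.
        $2 == "IP" && $4 == ">" {
            n = split($3, f, ".")
            # n == 5: addr.port (TCP/UDP); n == 4: bare address (ICMP).
            if (n == 4 || n == 5)
                count[f[1] "." f[2] "." f[3] "." f[4]]++
        }
        END {
            for (ip in count)
                if (count[ip] >= min) print count[ip], ip
        }
    ' | sort -k1,1nr -k2,2
}

# Run on the constructed sample.
sample_capture | count_sources
```

On a saved capture the same function can be fed with: tcpdump -nr capture.file | count_sources 100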

Output sound when your computer is downloading something

Linux command: tcpdump | aplay -c 2

Sometimes it is useful just to get a general idea of "what is using all the bandwidth here". Running this command limits tcpdump to a few packets (rather than endlessly flooding your terminal) and gives a small but sometimes sufficient sample to determine what is going on. Useful for quickly diagnosing DoS attacks.

Linux command: tcpdump -i eth0 -n | head

Show network throughput

Linux command: tcpdump -w - |pv -bert >/dev/null

Trace and view network traffic.

Linux command: tcpdump -A -s 0 port 80

Simple TCPDUMP grepping for common unsafe protocols (HTTP, POP3, SMTP, FTP)

Linux command: tcpdump port http or port ftp or port smtp or port imap or port pop3 -l -A | egrep -i 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user ' --color=auto --line-buffered -B20

Linux command: tcpdump -ntr NAME_OF_CAPTURED_FILE.pcap 'tcp[13] = 0x02 and dst port 80' | awk '{print $4}' | tr . ' ' | awk '{print $1"."$2"."$3"."$4}' | sort | uniq -c | awk ' {print $2 "\t" $1 }'

Where src or dst is the host whose HTTP headers you want to view.

Linux command: tcpdump -s 1024 -l -A src 192.168.9.56 or dst 192.168.9.56

This is a better way to do the "src X or dst X" filter; in addition, you may not want to bother with DNS lookups (-n).

Linux command: tcpdump -s 1024 -l -A -n host 192.168.9.56