How to grab packets on the Internet under Linux 01/18 Update SLTechnology News&Howtos

How to grab packets on the Internet under Linux

2025-01-18 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >

Shulou(Shulou.com)06/02 Report--

This article mainly introduces "how to grab packets on the network under Linux". In the daily operation, I believe that many people have doubts about how to grab packets on the network under Linux. The editor consulted all kinds of materials and sorted out simple and easy-to-use methods of operation. I hope it will be helpful to answer the doubts of "how to grab packets on the network under Linux". Next, please follow the editor to study!

Number of monitoring handles and connections

Lsof-p 23456 | wc-l

Netstat | grep "10.6.1.88 88888" | wc-l

Tcpdump listening port (under root users)

Tcpdump tcp port port number-X-s 0-ieth2

Tcpdump host machine ip-X-s 0-I eth2

Tcpdump host machine ip and tcp port port number-X-s 0-I eth2

(- I eth2 means monitoring the network interface eth2. If you do not specify default monitoring eth0)

Tcpdump host 10.6.1.88

(get all packets sent and received by 10.6.1.88)

Tcpdump host sundown

(print all packets entering or leaving sundown)

Tcpdump host helios and\ (hot or ace\)

Print packets for communication between helios and hot or with ace

Tcpdump host 10.6.1.88and\ (10.6.1.87 or 10.6.1.86\)

(intercept communication between host 10.6.1.88 and host 10.6.1.87 or 10.6.1.86)

Tcpdump ip host ace and not helios

(print IP packets for communication between ace and any other host, but excluding packets with helios)

Tcpdump ip host 10.6.1.88and! 10.6.1.89

(if you want to get the ip packets of host 10.6.1.88 communicating with all hosts except host 10.6.1.89)

Tcpdump-I eth0 src host hostname

(intercept all data sent by the host hostname)

Tcpdump-I eth0 dst host hostname

(monitor all packets sent to the host hostname)

At this point, the study of "how to grab packets on the network under Linux" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.