tcpdump
网卡:
tcpdump -i eth0
源/目标地址:
tcpdump src 1.1.1.1
tcpdump dst 1.0.0.1
源/目标CIDR:
tcpdump net 1.2.3.0/24
端口号:
tcpdump port 3389
tcpdump src port 1025
tcpdump portrange 21-23
写到文件:
tcpdump port 80 -w capture_file
读文件:
tcpdump -r capture_file