小小程序猿
这个人很懒,什么都没写
Toggle navigation
小小程序猿
主页
关于
友链
归档
标签
linux-tcpdump
linux
2021-10-21 10:09:38
78
0
0
terry
linux
>白话三次握手  >白话四次断开  > [网上的一些tcpdump例子](https://cloud.tencent.com/developer/article/1117557) <pre> tcpdump 标志位说明 S(SYN) F(FIN) P(PUSH) R(RST) U(URG) W(ECN CWR) E ECN-Echo) or `.' (ACK), or `none' if no flags are set. </pre> ```shell 三次握手、四次断开分析 抓包:tcpdump -i any tcp port 80 -nn -c 200 请求:curl -I -s http://www.baidu.com 三次握手 10:47:41.277865 IP 172.17.99.30.18328 > 110.242.68.4.80: Flags [S], seq 2973160572, win 1460, options [mss 1460,sackOK,TS val 2268371282 ecr 0,nop,wscale 10], length 0 10:47:41.294021 IP 110.242.68.4.80 > 172.17.99.30.18328: Flags [S.], seq 211107021, ack 2973160573, win 8192, options [mss 1452,sackOK,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,wscale 5], length 0 10:47:41.294107 IP 172.17.99.30.18328 > 110.242.68.4.80: Flags [.], ack 1, win 2, length 0 数据传输 10:47:41.294175 IP 172.17.99.30.18328 > 110.242.68.4.80: Flags [P.], seq 1:79, ack 1, win 2, length 78: HTTP: HEAD / HTTP/1.1 10:47:41.310463 IP 110.242.68.4.80 > 172.17.99.30.18328: Flags [.], ack 79, win 908, length 0 10:47:41.311371 IP 110.242.68.4.80 > 172.17.99.30.18328: Flags [P.], seq 1:333, ack 79, win 908, length 332: HTTP: HTTP/1.1 200 OK 10:47:41.311385 IP 172.17.99.30.18328 > 110.242.68.4.80: Flags [.], ack 333, win 3, length 0 四次断开 10:47:41.311561 IP 172.17.99.30.18328 > 110.242.68.4.80: Flags [F.], seq 79, ack 333, win 3, length 0 10:47:41.327822 IP 110.242.68.4.80 > 172.17.99.30.18328: Flags [.], ack 80, win 908, length 0 10:47:41.327863 IP 110.242.68.4.80 > 172.17.99.30.18328: Flags [F.], seq 333, ack 80, win 908, length 0 10:47:41.327886 IP 172.17.99.30.18328 > 110.242.68.4.80: Flags [.], ack 334, win 3, length 0 ``` ```shell tcp 实用参数 -i any 任意端口 -nn 不显示域名 -X 显示包内容16进制 -c 10 一共抓取10个包 host 192.168.21.36 and tcp port 30001 抓取指定Ip和指定端口 tcpdump -i any host 192.168.21.36 and tcp port 30001 -nnX -c 10 ```
上一篇:
linux-arp
下一篇:
other-bash
0
赞
78 人读过
新浪微博
微信
腾讯微博
QQ空间
人人网
提交评论
立即登录
, 发表评论.
没有帐号?
立即注册
0
条评论
More...
文档导航
terry
没有帐号? 立即注册