tcpdump.pdf
(
37 KB
)
Pobierz
TCPDUMP
packetlife.net
Command Line Options
Print frame payload in ASCII
Quick output
-A
-q
-c <count>
Exit after capturing count packets
Read packets from file
-r <file>
List available interfaces
Capture up to len bytes per packet
-D
-s <len>
Print link-level headers
Print absolute TCP sequence numbers
-e
-S
Use file as the filter expression
Don't print timestamps
-F <file>
-t
Rotate the dump file every n seconds
Print more verbose output
-G <n>
-v[v[v]]
-i <iface>
Specifies the capture interface
Write captured packets to file
-w <file>
Don't verify TCP checksums
Print frame payload in hex
-K
-x
List data link types for the interface
Print frame payload in hex and ASCII
-L
-X
Don't convert addresses to names
Specify the data link type
-n
-y <type>
Don't capture in promiscuous mode
Drop privileges from root to user
-p
-Z <user>
Capture Filter Primitives
Matches a host as the IP source, destination, or either
[src|dst] host
<host>
Matches a host as the Ethernet source, destination, or either
ether [src|dst] host
<ehost>
Matches packets which used host as a gateway
gateway host
<host>
Matches packets to or from an endpoint residing in network
[src|dst] net
<network>
/
<len>
Matches TCP or UDP packets sent to/from port
[tcp|udp] [src|dst] port
<port>
[tcp|udp] [src|dst] portrange
<p1>
-
<p2>
Matches TCP or UDP packets to/from a port in the given range
Matches packets less than or equal to length
less
<length>
Matches packets greater than or equal to length
greater
<length>
Matches an Ethernet, IPv4, or IPv6 protocol
(ether|ip|ip6) proto
<protocol>
Matches Ethernet or IPv4 broadcasts
(ether|ip) broadcast
Matches Ethernet, IPv4, or IPv6 multicasts
(ether|ip|ip6) multicast
type (mgt|ctl|data) [subtype
<subtype>
]
Matches 802.11 frames based on type and optional subtype
Matches 802.1Q frames, optionally with a VLAN ID of vlan
vlan [
<vlan>
]
Matches MPLS packets, optionally with a label of label
mpls [
<label>
]
Matches packets by an arbitrary expression
<expr> <relop> <expr>
Protocols
Modifiers
Examples
!
or
not
&&
or
and
||
or
or
UDP not bound for port 53
arp
ip6
slip
udp dst port not 53
Traffic between these hosts
ether
link
tcp
host 10.0.0.1 && host 10.0.0.2
Packets to either TCP port
fddi
ppp
tr
tcp dst port 80 or 8080
icmp
radio
udp
ICMP Types
ip
rarp
wlan
icmp-echoreply
icmp-routeradvert
icmp-tstampreply
TCP Flags
icmp-unreach
icmp-routersolicit
icmp-ireq
tcp-urg
tcp-rst
icmp-sourcequench
icmp-timxceed
icmp-ireqreply
tcp-ack
tcp-syn
icmp-redirect
icmp-paramprob
icmp-maskreq
tcp-psh
tcp-fin
icmp-echo
icmp-tstamp
icmp-maskreply
by Jeremy Stretch
v2.0
Plik z chomika:
Caveman85
Inne pliki z tego folderu:
IBM - TCP-IP Tutorial and Technical Overview.pdf
(6166 KB)
CISCO - Spanning-Tree Protocols (STP RSTP MSTP).pdf
(1161 KB)
physical_terminations.pdf
(381 KB)
Cisco_IOS_Versions.pdf
(67 KB)
VOIP_Basics.pdf
(76 KB)
Inne foldery tego chomika:
• Kurs Cisco CCNA v 3.1
Administrowanie Sieciami Komputerowymi - mgr inż Paweł Pławiak
CCNA
CCNA - CCSP - CNAP - CCSP - Cisco
CCNA - CCSP - CNAP - CCSP - Cisco2
Zgłoś jeśli
naruszono regulamin