tcpdump(1).pdf
(
37 KB
)
Pobierz
TCPDUMP
packetlife.net
Command Line Options
Print frame payload in ASCII
Quick output
-A
-q
-c <count>
Exit after capturing count packets
Read packets from file
-r <file>
List available interfaces
Capture up to len bytes per packet
-D
-s <len>
Print link-level headers
Print absolute TCP sequence numbers
-e
-S
Use file as the filter expression
Don't print timestamps
-F <file>
-t
Rotate the dump file every n seconds
Print more verbose output
-G <n>
-v[v[v]]
-i <iface>
Specifies the capture interface
Write captured packets to file
-w <file>
Don't verify TCP checksums
Print frame payload in hex
-K
-x
List data link types for the interface
Print frame payload in hex and ASCII
-L
-X
Don't convert addresses to names
Specify the data link type
-n
-y <type>
Don't capture in promiscuous mode
Drop privileges from root to user
-p
-Z <user>
Capture Filter Primitives
Matches a host as the IP source, destination, or either
[src|dst] host
<host>
Matches a host as the Ethernet source, destination, or either
ether [src|dst] host
<ehost>
Matches packets which used host as a gateway
gateway host
<host>
Matches packets to or from an endpoint residing in network
[src|dst] net
<network>
/
<len>
Matches TCP or UDP packets sent to/from port
[tcp|udp] [src|dst] port
<port>
[tcp|udp] [src|dst] portrange
<p1>
-
<p2>
Matches TCP or UDP packets to/from a port in the given range
Matches packets less than or equal to length
less
<length>
Matches packets greater than or equal to length
greater
<length>
Matches an Ethernet, IPv4, or IPv6 protocol
(ether|ip|ip6) proto
<protocol>
Matches Ethernet or IPv4 broadcasts
(ether|ip) broadcast
Matches Ethernet, IPv4, or IPv6 multicasts
(ether|ip|ip6) multicast
type (mgt|ctl|data) [subtype
<subtype>
]
Matches 802.11 frames based on type and optional subtype
Matches 802.1Q frames, optionally with a VLAN ID of vlan
vlan [
<vlan>
]
Matches MPLS packets, optionally with a label of label
mpls [
<label>
]
Matches packets by an arbitrary expression
<expr> <relop> <expr>
Protocols
Modifiers
Examples
!
or
not
&&
or
and
||
or
or
UDP not bound for port 53
arp
ip6
slip
udp dst port not 53
Traffic between these hosts
ether
link
tcp
host 10.0.0.1 && host 10.0.0.2
Packets to either TCP port
fddi
ppp
tr
tcp dst port 80 or 8080
icmp
radio
udp
ICMP Types
ip
rarp
wlan
icmp-echoreply
icmp-routeradvert
icmp-tstampreply
TCP Flags
icmp-unreach
icmp-routersolicit
icmp-ireq
tcp-urg
tcp-rst
icmp-sourcequench
icmp-timxceed
icmp-ireqreply
tcp-ack
tcp-syn
icmp-redirect
icmp-paramprob
icmp-maskreq
tcp-psh
tcp-fin
icmp-echo
icmp-tstamp
icmp-maskreply
by Jeremy Stretch
v2.0
Plik z chomika:
musli_com
Inne pliki z tego folderu:
Cheat Sheets - PacketLife.net(2).zip
(2130 KB)
Cisco_IOS_Versions(1).pdf
(67 KB)
EIGRP(2).pdf
(66 KB)
Frame_Mode_MPLS(1).pdf
(68 KB)
IEEE_802.1X(1).pdf
(65 KB)
Inne foldery tego chomika:
Data Mining
Data Structures
Demystified Series
Dreamweaver
Eclipse
Zgłoś jeśli
naruszono regulamin