@tcpdump usage
tcpdump --help
tcpdump version 4.1-PRE-CVS_2012_03_26
libpcap version 1.4.0
Usage: tcpdump [-aAdDefIKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
        [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
        [ -i interface ] [ -M secret ] [ -r file ]
        [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ]
        [ -y datalinktype ] [ -z command ] [ -Z user ]
        [ expression ]
>> These are the available options; detailed descriptions can be found in "man tcpdump".
example
#tcpdump -vvv
>> For all interfaces, print to the console in more verbose mode
#tcpdump -vvv > /tmp/tcpdump.txt
>> For all interfaces, write the output produced in more verbose mode to /tmp/tcpdump.txt using the ">" redirect
#tcpdump -i bond0 -vvv
>> For the bond0 interface, print to the console in more verbose mode
#tcpdump -i bond0 -vvv > /tmp/tcpdump.txt
>> For the bond0 interface, write the output produced in more verbose mode to /tmp/tcpdump.txt using the ">" redirect
#tcpdump -i bond0 -vvv -w /tmp/tcpdump2
>> Writes the capture to a file in binary form; to view that file, use "tcpdump -r /tmp/tcpdump2" or "tcpdump -Xqnr /tmp/tcpdump2"
For the verbose mode, choose whichever of "none, -v, -vv, -vvv" suits the situation.
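
Added example (not part of the original page): the "> /tmp/tcpdump.txt" redirect produces text, while "-w /tmp/tcpdump2" produces a binary capture that has to be read with "tcpdump -r". The sketch below tells the two apart by the file's first four bytes; the function names capture_kind and view_capture are hypothetical.

```shell
#!/bin/sh
# Added example: classify a capture file by its leading magic bytes so the
# right viewer is used ("tcpdump -r" for binary captures, cat for text).

capture_kind() {
    # First 4 bytes of the file as lowercase hex without separators.
    magic=$(od -An -tx1 -N4 "$1" 2>/dev/null | tr -d ' \n')
    case "$magic" in
        d4c3b2a1|a1b2c3d4) echo pcap ;;       # classic pcap, microsecond timestamps
        4d3cb2a1|a1b23c4d) echo pcap-nsec ;;  # pcap with nanosecond timestamps
        0a0d0d0a)          echo pcapng ;;     # pcapng section header block
        "")                echo empty ;;      # missing or zero-length file
        *)                 echo text ;;       # e.g. tcpdump output saved with ">"
    esac
}

view_capture() {
    case "$(capture_kind "$1")" in
        pcap|pcap-nsec|pcapng)
            # -n disables name resolution, so reading the file causes no DNS lookups.
            tcpdump -n -r "$1" ;;
        text)
            cat "$1" ;;
        *)
            echo "view_capture: $1 is empty or unreadable" >&2
            return 1 ;;
    esac
}
```

Example call: view_capture /tmp/tcpdump2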
Related content attached:
-v     When parsing and printing, produce (slightly more) verbose output. For example, the time to live, identification, total length and options in an IP packet are printed. Also enables additional packet integrity checks such as verifying the IP and ICMP header checksum.
       When writing to a file with the -w option, report, every 10 seconds, the number of packets captured.
-vv    Even more verbose output. For example, additional fields are printed from NFS reply packets, and SMB packets are fully decoded.
-vvv   Even more verbose output. For example, telnet SB ... SE options are printed in full. With -X Telnet options are printed in hex as well.