shallow丿ove網絡
netstat -lnp #查看監聽端口
netstat -an #查看系統的網絡鏈接情況
netstat -lntp #只看出tcp的,不包含socket
ss -an 和 netstat 殊途同歸
netstat -an | awk '/^tcp/ {++sta[$NF]} END {for(key in sta) print key,"\t",sta[key]}' #按狀態統計tcp鏈接數
[root@localhost ~]# netstat -lnp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2359/master tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:56877 0.0.0.0:* LISTEN 2452/rpc.statd tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd tcp 0 0 0.0.0.0:20048 0.0.0.0:* LISTEN 2454/rpc.mountd tcp 0 0 0.0.0.0:49009 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1327/sshd tcp6 0 0 ::1:25 :::* LISTEN 2359/master tcp6 0 0 :::2049 :::* LISTEN - tcp6 0 0 :::59304 :::* LISTEN - tcp6 0 0 :::111 :::* LISTEN 1/systemd tcp6 0 0 :::38128 :::* LISTEN 2452/rpc.statd tcp6 0 0 :::20048 :::* LISTEN 2454/rpc.mountd tcp6 0 0 :::22 :::* LISTEN 1327/sshd udp 0 0 0.0.0.0:2049 0.0.0.0:* - udp 0 0 0.0.0.0:39964 0.0.0.0:* 702/avahi-daemon: r udp 0 0 0.0.0.0:111 0.0.0.0:* 2439/rpcbind udp 0 0 0.0.0.0:5353 0.0.0.0:* 702/avahi-daemon: r udp 0 0 0.0.0.0:44553 0.0.0.0:* 2452/rpc.statd udp 0 0 0.0.0.0:20048 0.0.0.0:* 2454/rpc.mountd udp 0 0 0.0.0.0:47979 0.0.0.0:* - udp 0 0 0.0.0.0:918 0.0.0.0:* 2439/rpcbind udp 0 0 127.0.0.1:932 0.0.0.0:* 2452/rpc.statd udp6 0 0 :::2049 :::* - udp6 0 0 :::111 :::* 2439/rpcbind udp6 0 0 :::20048 :::* 2454/rpc.mountd udp6 0 0 :::53952 :::* - udp6 0 0 :::45920 :::* 2452/rpc.statd udp6 0 0 :::918 :::* 2439/rpcbind raw6 0 0 :::58 :::* 7 808/NetworkManager Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 15378 1/systemd /var/run/avahi-daemon/socket unix 2 [ ACC ] STREAM LISTENING 7962 1/systemd /run/systemd/journal/stdout unix 2 [ ACC ] STREAM LISTENING 15388 1/systemd /var/run/rpcbind.sock unix 2 [ ACC ] STREAM LISTENING 21751 2359/master public/cleanup unix 2 [ ACC ] STREAM LISTENING 21754 2359/master public/qmgr unix 2 [ ACC ] STREAM LISTENING 21776 2359/master public/flush unix 2 [ ACC ] STREAM LISTENING 21791 2359/master public/showq unix 2 [ ACC ] STREAM LISTENING 15398 
1/systemd /var/run/dbus/system_bus_socket unix 2 [ ACC ] STREAM LISTENING 12844 1/systemd /run/systemd/private unix 2 [ ACC ] STREAM LISTENING 21758 2359/master private/tlsmgr unix 2 [ ACC ] STREAM LISTENING 21761 2359/master private/rewrite unix 2 [ ACC ] STREAM LISTENING 21764 2359/master private/bounce unix 2 [ ACC ] STREAM LISTENING 21767 2359/master private/defer unix 2 [ ACC ] STREAM LISTENING 21770 2359/master private/trace unix 2 [ ACC ] STREAM LISTENING 21773 2359/master private/verify unix 2 [ ACC ] STREAM LISTENING 21779 2359/master private/proxymap unix 2 [ ACC ] STREAM LISTENING 21782 2359/master private/proxywrite unix 2 [ ACC ] STREAM LISTENING 21785 2359/master private/smtp unix 2 [ ACC ] STREAM LISTENING 21788 2359/master private/relay unix 2 [ ACC ] STREAM LISTENING 21794 2359/master private/error unix 2 [ ACC ] STREAM LISTENING 21797 2359/master private/retry unix 2 [ ACC ] STREAM LISTENING 21800 2359/master private/discard unix 2 [ ACC ] STREAM LISTENING 21803 2359/master private/local unix 2 [ ACC ] STREAM LISTENING 21806 2359/master private/virtual unix 2 [ ACC ] STREAM LISTENING 21809 2359/master private/lmtp unix 2 [ ACC ] STREAM LISTENING 21812 2359/master private/anvil unix 2 [ ACC ] STREAM LISTENING 21815 2359/master private/scache unix 2 [ ACC ] STREAM LISTENING 16216 808/NetworkManager /var/run/NetworkManager/private unix 2 [ ACC ] STREAM LISTENING 17563 808/NetworkManager /var/run/NetworkManager/private-dhcp unix 2 [ ACC ] STREAM LISTENING 21747 2359/master public/pickup unix 2 [ ACC ] STREAM LISTENING 15573 719/gssproxy /var/lib/gssproxy/default.sock unix 2 [ ACC ] STREAM LISTENING 15574 719/gssproxy /run/gssproxy.sock unix 2 [ ACC ] STREAM LISTENING 13018 1/systemd /run/lvm/lvmpolld.socket unix 2 [ ACC ] SEQPACKET LISTENING 11512 1/systemd /run/udev/control unix 2 [ ACC ] STREAM LISTENING 13052 1/systemd /run/lvm/lvmetad.socket
[root@localhost ~]# netstat -an Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:56877 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:20048 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:49009 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 192.168.9.134:22 192.168.9.1:7122 ESTABLISHED tcp 0 52 192.168.9.134:22 192.168.9.1:2713 ESTABLISHED tcp6 0 0 ::1:25 :::* LISTEN tcp6 0 0 :::2049 :::* LISTEN tcp6 0 0 :::59304 :::* LISTEN tcp6 0 0 :::111 :::* LISTEN tcp6 0 0 :::38128 :::* LISTEN tcp6 0 0 :::20048 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN udp 0 0 0.0.0.0:2049 0.0.0.0:* udp 0 0 0.0.0.0:39964 0.0.0.0:* udp 0 0 0.0.0.0:111 0.0.0.0:* udp 0 0 0.0.0.0:5353 0.0.0.0:* udp 0 0 0.0.0.0:44553 0.0.0.0:* udp 0 0 0.0.0.0:20048 0.0.0.0:* udp 0 0 0.0.0.0:47979 0.0.0.0:* udp 0 0 0.0.0.0:918 0.0.0.0:* udp 0 0 127.0.0.1:932 0.0.0.0:* udp6 0 0 :::2049 :::* udp6 0 0 :::111 :::* udp6 0 0 :::20048 :::* udp6 0 0 :::53952 :::* udp6 0 0 :::45920 :::* udp6 0 0 :::918 :::* raw6 0 0 :::58 :::* 7 Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node Path unix 2 [ ] DGRAM 7948 /run/systemd/notify unix 2 [ ] DGRAM 7950 /run/systemd/cgroups-agent unix 2 [ ACC ] STREAM LISTENING 15378 /var/run/avahi-daemon/socket unix 2 [ ACC ] STREAM LISTENING 7962 /run/systemd/journal/stdout unix 2 [ ACC ] STREAM LISTENING 15388 /var/run/rpcbind.sock unix 5 [ ] DGRAM 7965 /run/systemd/journal/socket unix 16 [ ] DGRAM 7967 /dev/log unix 2 [ ACC ] STREAM LISTENING 21751 public/cleanup unix 2 [ ACC ] STREAM LISTENING 21754 public/qmgr unix 2 [ ACC ] STREAM LISTENING 21776 public/flush unix 2 [ ACC ] STREAM LISTENING 21791 public/showq unix 2 [ ACC ] STREAM LISTENING 15398 /var/run/dbus/system_bus_socket unix 2 [ ACC ] STREAM LISTENING 12844 /run/systemd/private unix 2 [ ACC ] STREAM LISTENING 21758 
private/tlsmgr unix 2 [ ACC ] STREAM LISTENING 21761 private/rewrite unix 2 [ ACC ] STREAM LISTENING 21764 private/bounce unix 2 [ ACC ] STREAM LISTENING 21767 private/defer unix 2 [ ACC ] STREAM LISTENING 21770 private/trace unix 2 [ ACC ] STREAM LISTENING 21773 private/verify unix 2 [ ACC ] STREAM LISTENING 21779 private/proxymap unix 2 [ ACC ] STREAM LISTENING 21782 private/proxywrite unix 2 [ ACC ] STREAM LISTENING 21785 private/smtp unix 2 [ ACC ] STREAM LISTENING 21788 private/relay unix 2 [ ACC ] STREAM LISTENING 21794 private/error unix 2 [ ACC ] STREAM LISTENING 21797 private/retry unix 2 [ ACC ] STREAM LISTENING 21800 private/discard unix 2 [ ACC ] STREAM LISTENING 21803 private/local unix 2 [ ACC ] STREAM LISTENING 21806 private/virtual unix 2 [ ACC ] STREAM LISTENING 21809 private/lmtp unix 2 [ ACC ] STREAM LISTENING 21812 private/anvil unix 2 [ ACC ] STREAM LISTENING 21815 private/scache unix 2 [ ACC ] STREAM LISTENING 16216 /var/run/NetworkManager/private unix 2 [ ACC ] STREAM LISTENING 17563 /var/run/NetworkManager/private-dhcp unix 2 [ ACC ] STREAM LISTENING 21747 public/pickup unix 2 [ ACC ] STREAM LISTENING 15573 /var/lib/gssproxy/default.sock unix 2 [ ] DGRAM 13011 /run/systemd/shutdownd unix 2 [ ACC ] STREAM LISTENING 15574 /run/gssproxy.sock unix 2 [ ACC ] STREAM LISTENING 13018 /run/lvm/lvmpolld.socket unix 2 [ ACC ] SEQPACKET LISTENING 11512 /run/udev/control unix 2 [ ACC ] STREAM LISTENING 13052 /run/lvm/lvmetad.socket unix 3 [ ] STREAM CONNECTED 21795 unix 3 [ ] STREAM CONNECTED 21749 unix 2 [ ] DGRAM 21375 unix 3 [ ] STREAM CONNECTED 21814 unix 3 [ ] STREAM CONNECTED 15578 unix 3 [ ] STREAM CONNECTED 21768 unix 3 [ ] STREAM CONNECTED 16959 unix 3 [ ] STREAM CONNECTED 16483 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 21799 unix 3 [ ] STREAM CONNECTED 21789 unix 3 [ ] STREAM CONNECTED 21772 unix 3 [ ] STREAM CONNECTED 21752 unix 3 [ ] STREAM CONNECTED 16221 unix 3 [ ] STREAM CONNECTED 15565 unix 2 [ ] DGRAM 17547 unix 3 [ ] 
STREAM CONNECTED 16008 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 13434 unix 3 [ ] STREAM CONNECTED 16346 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 15561 unix 3 [ ] STREAM CONNECTED 21777 unix 3 [ ] STREAM CONNECTED 21760 unix 3 [ ] STREAM CONNECTED 16781 unix 3 [ ] STREAM CONNECTED 21807 unix 3 [ ] STREAM CONNECTED 21748 unix 3 [ ] STREAM CONNECTED 17441 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 15523 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 21781 unix 3 [ ] STREAM CONNECTED 16007 unix 3 [ ] STREAM CONNECTED 16752 unix 3 [ ] STREAM CONNECTED 22797 unix 3 [ ] STREAM CONNECTED 12003 unix 3 [ ] STREAM CONNECTED 21811 unix 3 [ ] STREAM CONNECTED 15586 unix 3 [ ] STREAM CONNECTED 21769 unix 3 [ ] STREAM CONNECTED 21756 unix 3 [ ] STREAM CONNECTED 21792 unix 3 [ ] STREAM CONNECTED 16218 unix 3 [ ] STREAM CONNECTED 21798 unix 3 [ ] STREAM CONNECTED 15560 unix 2 [ ] DGRAM 38716 unix 3 [ ] STREAM CONNECTED 16532 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 16482 unix 3 [ ] STREAM CONNECTED 15594 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 21780 unix 2 [ ] DGRAM 21832 unix 3 [ ] STREAM CONNECTED 21802 unix 3 [ ] STREAM CONNECTED 18325 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 15521 unix 3 [ ] STREAM CONNECTED 21755 unix 3 [ ] STREAM CONNECTED 16780 unix 2 [ ] DGRAM 16209 unix 3 [ ] DGRAM 13473 unix 3 [ ] STREAM CONNECTED 21784 unix 3 [ ] STREAM CONNECTED 21810 unix 3 [ ] STREAM CONNECTED 21765 unix 3 [ ] STREAM CONNECTED 21745 unix 3 [ ] STREAM CONNECTED 13446 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 17446 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 11961 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 21787 unix 3 [ ] STREAM CONNECTED 21793 unix 3 [ ] STREAM CONNECTED 16531 unix 3 [ ] STREAM CONNECTED 21816 unix 3 [ ] STREAM CONNECTED 21774 unix 3 [ ] STREAM CONNECTED 21753 unix 2 [ ] DGRAM 14275 unix 3 [ ] STREAM CONNECTED 17150 
/var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 21801 unix 2 [ ] DGRAM 30598 unix 3 [ ] STREAM CONNECTED 16345 unix 3 [ ] STREAM CONNECTED 16581 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 22796 unix 3 [ ] STREAM CONNECTED 21762 unix 2 [ ] DGRAM 16778 unix 3 [ ] STREAM CONNECTED 16630 /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 21805 unix 2 [ ] DGRAM 43765 unix 3 [ ] STREAM CONNECTED 21783 unix 3 [ ] STREAM CONNECTED 21766 unix 3 [ ] STREAM CONNECTED 15588 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 16729 unix 3 [ ] STREAM CONNECTED 21746 unix 3 [ ] STREAM CONNECTED 19003 unix 2 [ ] DGRAM 15726 unix 2 [ ] DGRAM 43637 unix 3 [ ] STREAM CONNECTED 21771 unix 3 [ ] STREAM CONNECTED 16960 /run/systemd/journal/stdout unix 2 [ ] DGRAM 15550 unix 3 [ ] STREAM CONNECTED 21813 unix 3 [ ] STREAM CONNECTED 21796 unix 3 [ ] STREAM CONNECTED 21786 unix 3 [ ] STREAM CONNECTED 21775 unix 2 [ ] DGRAM 21720 unix 3 [ ] STREAM CONNECTED 15587 unix 2 [ ] STREAM CONNECTED 22848 unix 3 [ ] STREAM CONNECTED 21817 unix 3 [ ] STREAM CONNECTED 21790 unix 3 [ ] STREAM CONNECTED 21763 unix 2 [ ] DGRAM 17447 unix 3 [ ] STREAM CONNECTED 15591 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 21759 unix 3 [ ] STREAM CONNECTED 15910 unix 3 [ ] STREAM CONNECTED 15510 unix 2 [ ] DGRAM 22754 unix 3 [ ] STREAM CONNECTED 21804 unix 3 [ ] STREAM CONNECTED 21778 unix 2 [ ] DGRAM 16741 unix 3 [ ] STREAM CONNECTED 15580 /run/gssproxy.sock unix 3 [ ] STREAM CONNECTED 16629 unix 2 [ ] DGRAM 12015 unix 3 [ ] STREAM CONNECTED 21808 unix 3 [ ] DGRAM 13472
tcp
[root@localhost ~]# netstat -ltnp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2359/master tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:56877 0.0.0.0:* LISTEN 2452/rpc.statd tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd tcp 0 0 0.0.0.0:20048 0.0.0.0:* LISTEN 2454/rpc.mountd tcp 0 0 0.0.0.0:49009 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1327/sshd tcp6 0 0 ::1:25 :::* LISTEN 2359/master tcp6 0 0 :::2049 :::* LISTEN - tcp6 0 0 :::59304 :::* LISTEN - tcp6 0 0 :::111 :::* LISTEN 1/systemd tcp6 0 0 :::38128 :::* LISTEN 2452/rpc.statd tcp6 0 0 :::20048 :::* LISTEN 2454/rpc.mountd tcp6 0 0 :::22 :::* LISTEN 1327/sshd
tcp和udp
[root@localhost ~]# netstat -ltunp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2359/master tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:56877 0.0.0.0:* LISTEN 2452/rpc.statd tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd tcp 0 0 0.0.0.0:20048 0.0.0.0:* LISTEN 2454/rpc.mountd tcp 0 0 0.0.0.0:49009 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1327/sshd tcp6 0 0 ::1:25 :::* LISTEN 2359/master tcp6 0 0 :::2049 :::* LISTEN - tcp6 0 0 :::59304 :::* LISTEN - tcp6 0 0 :::111 :::* LISTEN 1/systemd tcp6 0 0 :::38128 :::* LISTEN 2452/rpc.statd tcp6 0 0 :::20048 :::* LISTEN 2454/rpc.mountd tcp6 0 0 :::22 :::* LISTEN 1327/sshd udp 0 0 0.0.0.0:2049 0.0.0.0:* - udp 0 0 0.0.0.0:39964 0.0.0.0:* 702/avahi-daemon: r udp 0 0 0.0.0.0:111 0.0.0.0:* 2439/rpcbind udp 0 0 0.0.0.0:5353 0.0.0.0:* 702/avahi-daemon: r udp 0 0 0.0.0.0:44553 0.0.0.0:* 2452/rpc.statd udp 0 0 0.0.0.0:20048 0.0.0.0:* 2454/rpc.mountd udp 0 0 0.0.0.0:47979 0.0.0.0:* - udp 0 0 0.0.0.0:918 0.0.0.0:* 2439/rpcbind udp 0 0 127.0.0.1:932 0.0.0.0:* 2452/rpc.statd udp6 0 0 :::2049 :::* - udp6 0 0 :::111 :::* 2439/rpcbind udp6 0 0 :::20048 :::* 2454/rpc.mountd udp6 0 0 :::53952 :::* - udp6 0 0 :::45920 :::* 2452/rpc.statd udp6 0 0 :::918 :::* 2439/rpcbind
[root@localhost ~]# netstat -an | awk '/^tcp/ {++sta[$NF]} END {for(key in sta) print key,"\t",sta[key]}' LISTEN 14 ESTABLISHED 2
[root@localhost ~]# ss -an Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port nl UNCONN 0 0 0:702 * nl UNCONN 0 0 0:0 * nl UNCONN 0 0 0:808 * nl UNCONN 0 0 0:4195112 * nl UNCONN 4352 0 4:4829 * nl UNCONN 768 0 4:0 * nl UNCONN 0 0 6:0 * nl UNCONN 0 0 7:704 * nl UNCONN 0 0 7:0 * nl UNCONN 0 0 7:1 * nl UNCONN 0 0 9:650 * nl UNCONN 0 0 9:1 * nl UNCONN 0 0 9:0 * nl UNCONN 0 0 10:0 * nl UNCONN 0 0 11:0 * nl UNCONN 0 0 15:1657 * nl UNCONN 0 0 15:1 * nl UNCONN 0 0 15:699 * nl UNCONN 0 0 15:0 * nl UNCONN 0 0 15:537 * nl UNCONN 0 0 15:-4125 * nl UNCONN 0 0 15:-4123 * nl UNCONN 0 0 15:808 * nl UNCONN 0 0 15:-4122 * nl UNCONN 0 0 15:1658 * nl UNCONN 0 0 15:-4109 * nl UNCONN 0 0 15:698 * nl UNCONN 0 0 15:1732 * nl UNCONN 0 0 15:-4124 * nl UNCONN 0 0 15:-4121 * nl UNCONN 0 0 16:0 * nl UNCONN 0 0 18:0 * u_dgr UNCONN 0 0 /run/systemd/notify 7948 * 0 u_dgr UNCONN 0 0 /run/systemd/cgroups-agent 7950 * 0 u_str LISTEN 0 128 /var/run/avahi-daemon/socket 15378 * 0 u_str LISTEN 0 128 /run/systemd/journal/stdout 7962 * 0 u_str LISTEN 0 128 /var/run/rpcbind.sock 15388 * 0 u_dgr UNCONN 0 0 /run/systemd/journal/socket 7965 * 0 u_dgr UNCONN 0 0 /dev/log 7967 * 0 u_str LISTEN 0 100 public/cleanup 21751 * 0 u_str LISTEN 0 100 public/qmgr 21754 * 0 u_str LISTEN 0 100 public/flush 21776 * 0 u_str LISTEN 0 100 public/showq 21791 * 0 u_str LISTEN 0 128 /var/run/dbus/system_bus_socket 15398 * 0 u_str LISTEN 0 128 /run/systemd/private 12844 * 0 u_str LISTEN 0 100 private/tlsmgr 21758 * 0 u_str LISTEN 0 100 private/rewrite 21761 * 0 u_str LISTEN 0 100 private/bounce 21764 * 0 u_str LISTEN 0 100 private/defer 21767 * 0 u_str LISTEN 0 100 private/trace 21770 * 0 u_str LISTEN 0 100 private/verify 21773 * 0 u_str LISTEN 0 100 private/proxymap 21779 * 0 u_str LISTEN 0 100 private/proxywrite 21782 * 0 u_str LISTEN 0 100 private/smtp 21785 * 0 u_str LISTEN 0 100 private/relay 21788 * 0 u_str LISTEN 0 100 private/error 21794 * 0 u_str LISTEN 0 100 private/retry 21797 * 0 u_str LISTEN 0 100 
private/discard 21800 * 0 u_str LISTEN 0 100 private/local 21803 * 0 u_str LISTEN 0 100 private/virtual 21806 * 0 u_str LISTEN 0 100 private/lmtp 21809 * 0 u_str LISTEN 0 100 private/anvil 21812 * 0 u_str LISTEN 0 100 private/scache 21815 * 0 u_str LISTEN 0 30 /var/run/NetworkManager/private 16216 * 0 u_str LISTEN 0 30 /var/run/NetworkManager/private-dhcp 17563 * 0 u_str LISTEN 0 100 public/pickup 21747 * 0 u_str LISTEN 0 10 /var/lib/gssproxy/default.sock 15573 * 0 u_dgr UNCONN 0 0 /run/systemd/shutdownd 13011 * 0 u_str LISTEN 0 10 /run/gssproxy.sock 15574 * 0 u_str LISTEN 0 128 /run/lvm/lvmpolld.socket 13018 * 0 u_dgr LISTEN 0 128 /run/udev/control 11512 * 0 u_str LISTEN 0 128 /run/lvm/lvmetad.socket 13052 * 0 u_str ESTAB 0 0 * 21795 * 21796 u_str ESTAB 0 0 * 21749 * 21748 u_dgr UNCONN 0 0 * 21375 * 7967 u_str ESTAB 0 0 * 21814 * 21813 u_str ESTAB 0 0 * 15578 * 15580 u_str ESTAB 0 0 * 21768 * 21769 u_str ESTAB 0 0 * 16959 * 16960 u_str ESTAB 0 0 /run/systemd/journal/stdout 16483 * 16482 u_str ESTAB 0 0 * 21799 * 21798 u_str ESTAB 0 0 * 21789 * 21790 u_str ESTAB 0 0 * 21772 * 21771 u_str ESTAB 0 0 * 21752 * 21753 u_str ESTAB 0 0 * 16221 * 17446 u_str ESTAB 0 0 * 15565 * 15594 u_dgr UNCONN 0 0 * 17547 * 7967 u_str ESTAB 0 0 /run/systemd/journal/stdout 16008 * 16007 u_str ESTAB 0 0 * 13434 * 11961 u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 16346 * 16345 u_str ESTAB 0 0 * 15561 * 15560 u_str ESTAB 0 0 * 21777 * 21778 u_str ESTAB 0 0 * 21760 * 21759 u_str ESTAB 0 0 * 16781 * 16780 u_str ESTAB 0 0 * 21807 * 21808 u_str ESTAB 0 0 * 21748 * 21749 u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 17441 * 16218 u_str ESTAB 0 0 /run/systemd/journal/stdout 15523 * 16729 u_str ESTAB 0 0 * 21781 * 21780 u_str ESTAB 0 0 * 16007 * 16008 u_str ESTAB 0 0 * 16752 * 15591 u_str ESTAB 0 0 * 22797 * 22796 u_str ESTAB 0 0 * 12003 * 13446 u_str ESTAB 0 0 * 21811 * 21810 u_str ESTAB 0 0 * 15586 * 15587 u_str ESTAB 0 0 * 21769 * 21768 u_str ESTAB 0 0 * 21756 * 21755 u_str ESTAB 0 0 * 
21792 * 21793 u_str ESTAB 0 0 * 16218 * 17441 u_str ESTAB 0 0 * 21798 * 21799 u_str ESTAB 0 0 * 15560 * 15561 u_dgr UNCONN 0 0 * 38716 * 7967 u_str ESTAB 0 0 /run/systemd/journal/stdout 16532 * 16531 u_str ESTAB 0 0 * 16482 * 16483 u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 15594 * 15565 u_str ESTAB 0 0 * 21780 * 21781 u_dgr UNCONN 0 0 * 21832 * 7967 u_str ESTAB 0 0 * 21802 * 21801 u_str ESTAB 0 0 /run/systemd/journal/stdout 18325 * 19003 u_str ESTAB 0 0 * 15521 * 15588 u_str ESTAB 0 0 * 21755 * 21756 u_str ESTAB 0 0 * 16780 * 16781 u_dgr UNCONN 0 0 * 16209 * 7967 u_dgr UNCONN 0 0 * 13473 * 13472 u_str ESTAB 0 0 * 21784 * 21783 u_str ESTAB 0 0 * 21810 * 21811 u_str ESTAB 0 0 * 21765 * 21766 u_str ESTAB 0 0 * 21745 * 21746 u_str ESTAB 0 0 /run/systemd/journal/stdout 13446 * 12003 u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 17446 * 16221 u_str ESTAB 0 0 /run/systemd/journal/stdout 11961 * 13434 u_str ESTAB 0 0 * 21787 * 21786 u_str ESTAB 0 0 * 21793 * 21792 u_str ESTAB 0 0 * 16531 * 16532 u_str ESTAB 0 0 * 21816 * 21817 u_str ESTAB 0 0 * 21774 * 21775 u_str ESTAB 0 0 * 21753 * 21752 u_dgr UNCONN 0 0 * 14275 * 7967 u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 17150 * 15910 u_str ESTAB 0 0 * 21801 * 21802 u_dgr UNCONN 0 0 * 30598 * 7965 u_str ESTAB 0 0 * 16345 * 16346 u_str ESTAB 0 0 /run/systemd/journal/stdout 16581 * 15510 u_str ESTAB 0 0 * 22796 * 22797 u_str ESTAB 0 0 * 21762 * 21763 u_dgr UNCONN 0 0 * 16778 * 7967 u_str ESTAB 0 0 /run/systemd/journal/stdout 16630 * 16629 u_str ESTAB 0 0 * 21805 * 21804 u_dgr UNCONN 0 0 * 43765 * 7967 u_str ESTAB 0 0 * 21783 * 21784 u_str ESTAB 0 0 * 21766 * 21765 u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 15588 * 15521 u_str ESTAB 0 0 * 16729 * 15523 u_str ESTAB 0 0 * 21746 * 21745 u_str ESTAB 0 0 * 19003 * 18325 u_dgr UNCONN 0 0 * 15726 * 7967 u_dgr UNCONN 0 0 * 43637 * 7967 u_str ESTAB 0 0 * 21771 * 21772 u_str ESTAB 0 0 /run/systemd/journal/stdout 16960 * 16959 u_dgr UNCONN 0 0 * 15550 * 7967 u_str ESTAB 0 0 * 
21813 * 21814 u_str ESTAB 0 0 * 21796 * 21795 u_str ESTAB 0 0 * 21786 * 21787 u_str ESTAB 0 0 * 21775 * 21774 u_dgr UNCONN 0 0 * 21720 * 7967 u_str ESTAB 0 0 * 15587 * 15586 u_str ESTAB 0 0 * 22848 * 0 u_str ESTAB 0 0 * 21817 * 21816 u_str ESTAB 0 0 * 21790 * 21789 u_str ESTAB 0 0 * 21763 * 21762 u_dgr UNCONN 0 0 * 17447 * 7967 u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 15591 * 16752 u_str ESTAB 0 0 * 21759 * 21760 u_str ESTAB 0 0 * 15910 * 17150 u_str ESTAB 0 0 * 15510 * 16581 u_dgr UNCONN 0 0 * 22754 * 7967 u_str ESTAB 0 0 * 21804 * 21805 u_str ESTAB 0 0 * 21778 * 21777 u_dgr UNCONN 0 0 * 16741 * 7965 u_str ESTAB 0 0 /run/gssproxy.sock 15580 * 15578 u_str ESTAB 0 0 * 16629 * 16630 u_dgr UNCONN 0 0 * 12015 * 7965 u_str ESTAB 0 0 * 21808 * 21807 u_dgr UNCONN 0 0 * 13472 * 13473 raw UNCONN 0 0 :::58 :::* tcp UNCONN 0 0 *:2049 *:* tcp UNCONN 0 0 *:39964 *:* tcp UNCONN 0 0 *:111 *:* tcp UNCONN 0 0 *:5353 *:* tcp UNCONN 0 0 *:44553 *:* tcp UNCONN 0 0 *:20048 *:* tcp UNCONN 0 0 *:47979 *:* tcp UNCONN 0 0 *:918 *:* tcp UNCONN 0 0 127.0.0.1:932 *:* tcp UNCONN 0 0 :::2049 :::* tcp UNCONN 0 0 :::111 :::* tcp UNCONN 0 0 :::20048 :::* tcp UNCONN 0 0 :::53952 :::* tcp UNCONN 0 0 :::45920 :::* tcp UNCONN 0 0 :::918 :::* tcp LISTEN 0 100 127.0.0.1:25 *:* tcp LISTEN 0 64 *:2049 *:* tcp LISTEN 0 128 *:56877 *:* tcp LISTEN 0 128 *:111 *:* tcp LISTEN 0 128 *:20048 *:* tcp LISTEN 0 64 *:49009 *:* tcp LISTEN 0 128 *:22 *:* tcp ESTAB 0 0 192.168.9.134:22 192.168.9.1:7122 tcp ESTAB 0 2212 192.168.9.134:22 192.168.9.1:2713 tcp LISTEN 0 100 ::1:25 :::* tcp LISTEN 0 64 :::2049 :::* tcp LISTEN 0 64 :::59304 :::* tcp LISTEN 0 128 :::111 :::* tcp LISTEN 0 128 :::38128 :::* tcp LISTEN 0 128 :::20048 :::* tcp LISTEN 0 128 :::22 :::*
[root@localhost ~]# ss -an | grep -i listen u_str LISTEN 0 128 /var/run/avahi-daemon/socket 15378 * 0 u_str LISTEN 0 128 /run/systemd/journal/stdout 7962 * 0 u_str LISTEN 0 128 /var/run/rpcbind.sock 15388 * 0 u_str LISTEN 0 100 public/cleanup 21751 * 0 u_str LISTEN 0 100 public/qmgr 21754 * 0 u_str LISTEN 0 100 public/flush 21776 * 0 u_str LISTEN 0 100 public/showq 21791 * 0 u_str LISTEN 0 128 /var/run/dbus/system_bus_socket 15398 * 0 u_str LISTEN 0 128 /run/systemd/private 12844 * 0 u_str LISTEN 0 100 private/tlsmgr 21758 * 0 u_str LISTEN 0 100 private/rewrite 21761 * 0 u_str LISTEN 0 100 private/bounce 21764 * 0 u_str LISTEN 0 100 private/defer 21767 * 0 u_str LISTEN 0 100 private/trace 21770 * 0 u_str LISTEN 0 100 private/verify 21773 * 0 u_str LISTEN 0 100 private/proxymap 21779 * 0 u_str LISTEN 0 100 private/proxywrite 21782 * 0 u_str LISTEN 0 100 private/smtp 21785 * 0 u_str LISTEN 0 100 private/relay 21788 * 0 u_str LISTEN 0 100 private/error 21794 * 0 u_str LISTEN 0 100 private/retry 21797 * 0 u_str LISTEN 0 100 private/discard 21800 * 0 u_str LISTEN 0 100 private/local 21803 * 0 u_str LISTEN 0 100 private/virtual 21806 * 0 u_str LISTEN 0 100 private/lmtp 21809 * 0 u_str LISTEN 0 100 private/anvil 21812 * 0 u_str LISTEN 0 100 private/scache 21815 * 0 u_str LISTEN 0 30 /var/run/NetworkManager/private 16216 * 0 u_str LISTEN 0 30 /var/run/NetworkManager/private-dhcp 17563 * 0 u_str LISTEN 0 100 public/pickup 21747 * 0 u_str LISTEN 0 10 /var/lib/gssproxy/default.sock 15573 * 0 u_str LISTEN 0 10 /run/gssproxy.sock 15574 * 0 u_str LISTEN 0 128 /run/lvm/lvmpolld.socket 13018 * 0 u_dgr LISTEN 0 128 /run/udev/control 11512 * 0 u_str LISTEN 0 128 /run/lvm/lvmetad.socket 13052 * 0 tcp LISTEN 0 100 127.0.0.1:25 *:* tcp LISTEN 0 64 *:2049 *:* tcp LISTEN 0 128 *:56877 *:* tcp LISTEN 0 128 *:111 *:* tcp LISTEN 0 128 *:20048 *:* tcp LISTEN 0 64 *:49009 *:* tcp LISTEN 0 128 *:22 *:* tcp LISTEN 0 100 ::1:25 :::* tcp LISTEN 0 64 :::2049 :::* tcp LISTEN 0 64 :::59304 :::* tcp 
LISTEN 0 128 :::111 :::* tcp LISTEN 0 128 :::38128 :::* tcp LISTEN 0 128 :::20048 :::* tcp LISTEN 0 128 :::22 :::*
使用tcpdump抓包
[root@localhost ~]# yum install -y tcpdump Loaded plugins: fastestmirror base | 3.6 kB 00:00:00 epel/x86_64/metalink | 5.6 kB 00:00:00 epel | 4.7 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 (1/3): epel/x86_64/updateinfo | 852 kB 00:00:10 (2/3): updates/7/x86_64/primary_db | 3.6 MB 00:00:16 (3/3): epel/x86_64/primary_db | 6.1 MB 00:00:26 Loading mirror speeds from cached hostfile * epel: mirrors.tongji.edu.cn Resolving Dependencies --> Running transaction check ---> Package tcpdump.x86_64 14:4.9.0-5.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved =================================================================================================== Package Arch Version Repository Size =================================================================================================== Installing: tcpdump x86_64 14:4.9.0-5.el7 base 415 k Transaction Summary =================================================================================================== Install 1 Package Total download size: 415 k Installed size: 1.0 M Downloading packages: tcpdump-4.9.0-5.el7.x86_64.rpm | 415 kB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : 14:tcpdump-4.9.0-5.el7.x86_64 1/1 Verifying : 14:tcpdump-4.9.0-5.el7.x86_64 1/1 Installed: tcpdump.x86_64 14:4.9.0-5.el7 Complete!
[root@localhost ~]# tcpdump -nn -i eno16777736 02:14:00.780945 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [.], ack 480216, win 2048, length 0 02:14:00.780994 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 480216:480604, ack 105, win 137, length 388 02:14:00.781067 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 480604:480784, ack 105, win 137, length 180 02:14:00.781134 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 480784:480964, ack 105, win 137, length 180 02:14:00.781137 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [P.], seq 105:157, ack 480216, win 2048, length 52 ^Ctcpdump: Unable to write output: Interrupted system call
第一個n表示ip以數字形式顯示出來,若不加則顯示主機名;第二個n表示端口也以數字形式顯示,若不加則顯示服務名(如ssh)
[root@localhost ~]# tcpdump -nn -i eno16777736 port 22 02:22:54.007382 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 9122384:9122564, ack 1249, win 137, length 180 02:22:54.007444 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 9122564:9122744, ack 1249, win 137, length 180 02:22:54.007544 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 9122744:9122924, ack 1249, win 137, length 180 02:22:54.007575 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [.], ack 9122744, win 1986, length 0 02:22:54.007661 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [P.], seq 1249:1301, ack 9122744, win 1986, length 52 ^C 55206 packets captured 55208 packets received by filter 0 packets dropped by kernel
[root@localhost ~]# tcpdump -nn -i eno16777736 not port 22 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eno16777736, link-type EN10MB (Ethernet), capture size 262144 bytes 02:23:47.530835 ARP, Request who-has 169.254.2.251 tell 192.168.9.1, length 46 02:23:48.030596 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:23:48.708894 ARP, Request who-has 169.254.2.251 tell 192.168.9.1, length 46 02:23:49.030701 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:23:49.530875 ARP, Request who-has 192.168.9.134 (00:0c:29:0a:e7:fc) tell 192.168.9.1, length 46 02:23:49.530975 ARP, Reply 192.168.9.134 is-at 00:0c:29:0a:e7:fc, length 28 02:23:49.531066 ARP, Request who-has 169.254.2.251 tell 192.168.9.1, length 46 ^C 7 packets captured 7 packets received by filter 0 packets dropped by kernel
[root@localhost ~]# tcpdump -nn -i eno16777736 not port 22 and host 192.168.9.2 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eno16777736, link-type EN10MB (Ethernet), capture size 262144 bytes 02:25:14.530222 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:17.108219 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:18.029905 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:19.030495 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:20.109017 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:21.029736 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:22.029984 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:23.109644 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:24.029738 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:25.029943 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:26.109697 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:27.029894 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:25:28.029728 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 ^C 13 packets captured 13 packets received by filter 0 packets dropped by kernel
[root@localhost ~]# tcpdump -nn -i eno16777736 -c 10 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eno16777736, link-type EN10MB (Ethernet), capture size 262144 bytes 02:26:56.087391 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 3908966921:3908967133, ack 3251203662, win 137, length 212 02:26:56.087570 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [.], ack 212, win 2051, length 0 02:26:56.087626 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 212:408, ack 1, win 137, length 196 02:26:56.087700 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 408:668, ack 1, win 137, length 260 02:26:56.087846 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [.], ack 668, win 2049, length 0 02:26:56.087901 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 668:832, ack 1, win 137, length 164 02:26:56.087958 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 832:1092, ack 1, win 137, length 260 02:26:56.088091 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [.], ack 1092, win 2048, length 0 02:26:56.088145 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 1092:1256, ack 1, win 137, length 164 02:26:56.088316 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 1256:1516, ack 1, win 137, length 260 10 packets captured 11 packets received by filter 0 packets dropped by kernel
[root@localhost ~]# tcpdump -nn -i eno16777736 -c 10 -w /tmp/1.cap tcpdump: listening on eno16777736, link-type EN10MB (Ethernet), capture size 262144 bytes 10 packets captured 11 packets received by filter 0 packets dropped by kernel [root@localhost ~]# file /tmp/1.cap /tmp/1.cap: tcpdump capture file (little-endian) - version 2.4 (Ethernet, capture length 262144) [root@localhost ~]# tcpdump -r /tmp/1.cap reading from file /tmp/1.cap, link-type EN10MB (Ethernet) 02:27:40.488373 IP 192.168.9.134.ssh > 192.168.9.1.raventbs: Flags [P.], seq 3908970045:3908970193, ack 3251204718, win 137, length 148 02:27:40.488551 IP 192.168.9.1.raventbs > 192.168.9.134.ssh: Flags [.], ack 148, win 2052, length 0 02:27:41.112327 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:27:42.030242 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:27:43.030703 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:27:44.112381 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:27:45.029922 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:27:46.030193 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:27:47.112426 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46 02:27:48.030202 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
-r爲讀,-w爲寫。抓包文件保存的是完整的原始報文(可能含明文憑據等敏感數據),而/tmp是全部用戶共用的目錄,實際使用時建議寫到僅root可訪問的目錄,分析完及時刪除。
[root@localhost ~]# yum install -y wireshark Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * epel: mirror01.idc.hinet.net Resolving Dependencies --> Running transaction check ---> Package wireshark.x86_64 0:1.10.14-14.el7 will be installed --> Processing Dependency: libsmi.so.2()(64bit) for package: wireshark-1.10.14-14.el7.x86_64 --> Processing Dependency: libcares.so.2()(64bit) for package: wireshark-1.10.14-14.el7.x86_64 --> Running transaction check ---> Package c-ares.x86_64 0:1.10.0-3.el7 will be installed ---> Package libsmi.x86_64 0:0.4.8-13.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved =================================================================================================== Package Arch Version Repository Size =================================================================================================== Installing: wireshark x86_64 1.10.14-14.el7 base 13 M Installing for dependencies: c-ares x86_64 1.10.0-3.el7 base 78 k libsmi x86_64 0.4.8-13.el7 base 2.3 M Transaction Summary =================================================================================================== Install 1 Package (+2 Dependent packages) Total download size: 15 M Installed size: 83 M Downloading packages: (1/3): c-ares-1.10.0-3.el7.x86_64.rpm | 78 kB 00:00:01 (2/3): libsmi-0.4.8-13.el7.x86_64.rpm | 2.3 MB 00:00:05 (3/3): wireshark-1.10.14-14.el7.x86_64.rpm | 13 MB 00:00:29 --------------------------------------------------------------------------------------------------- Total 490 kB/s | 15 MB 00:00:31 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : c-ares-1.10.0-3.el7.x86_64 1/3 Installing : libsmi-0.4.8-13.el7.x86_64 2/3 Installing : wireshark-1.10.14-14.el7.x86_64 3/3 Verifying : libsmi-0.4.8-13.el7.x86_64 1/3 Verifying : wireshark-1.10.14-14.el7.x86_64 2/3 Verifying : c-ares-1.10.0-3.el7.x86_64 3/3 Installed: wireshark.x86_64 
0:1.10.14-14.el7 Dependency Installed: c-ares.x86_64 0:1.10.0-3.el7 libsmi.x86_64 0:0.4.8-13.el7 Complete!
[root@localhost ~]# tshark -n -t a -R http.request -T fields -e "frame.time" -e "ip.src" -e "http.host" -e "http.request.method" -e "http.request.uri"
(注:tshark 1.10 起單趟過濾改用 -Y,-R 需與 -2 一起使用。)