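How to use tcpdump on Linux
This article shows how to use tcpdump on Linux. Most readers are probably not very familiar with it, so it is shared here as a reference; hopefully you will get something out of it. Let's take a look.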
tcpdump

When analyzing a FastCGI program, we use this command to inspect the TCP packets:
[root@localhost ~]# tcpdump -i lo -s 1500 port 9000
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 1500 bytes
15:23:16.901004 IP localhost.localdomain.50867 > localhost.localdomain.9000: S 3482201970:3482201970(0) win 32767 <mss 16396,sackOK,timestamp 2296841391 0,nop,wscale 7>
15:23:16.901025 IP localhost.localdomain.9000 > localhost.localdomain.50867: S 3473410857:3473410857(0) ack 3482201971 win 32767 <mss 16396,sackOK,timestamp 2296841391 2296841391,nop,wscale 7>
15:23:16.901039 IP localhost.localdomain.50867 > localhost.localdomain.9000: . ack 1 win 256 <nop,nop,timestamp 2296841391 2296841391>
15:23:16.901150 IP localhost.localdomain.50867 > localhost.localdomain.9000: P 1:1377(1376) ack 1 win 256 <nop,nop,timestamp 2296841391 2296841391>
15:23:16.901170 IP localhost.localdomain.9000 > localhost.localdomain.50867: . ack 1377 win 256 <nop,nop,timestamp 2296841391 2296841391>
15:23:16.901214 IP localhost.localdomain.9000 > localhost.localdomain.50867: P 1:97(96) ack 1377 win 256 <nop,nop,timestamp 2296841391 2296841391>
15:23:16.901222 IP localhost.localdomain.50867 > localhost.localdomain.9000: . ack 97 win 256 <nop,nop,timestamp 2296841391 2296841391>
15:23:16.901236 IP localhost.localdomain.9000 > localhost.localdomain.50867: F 97:97(0) ack 1377 win 256 <nop,nop,timestamp 2296841391 2296841391>
15:23:16.901822 IP localhost.localdomain.50867 > localhost.localdomain.9000: F 1377:1377(0) ack 98 win 256 <nop,nop,timestamp 2296841392 2296841391>
15:23:16.901836 IP localhost.localdomain.9000 > localhost.localdomain.50867: . ack 1378 win 256 <nop,nop,timestamp 2296841392 2296841392>
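From this output we can see that the port 9000 side actively closed the connection, which means that keeping the connection alive on the other end has no effect.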
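The same check can be scripted. This is an added example, not part of the original article: a shell function that reads tcpdump text output and reports which endpoint sent the first FIN or RST. The names `first_closer` and `sample_capture` are hypothetical, and the sample lines are copied from the capture above.

```shell
#!/bin/sh
# Added example: find which side of a TCP connection closed it first.
# Reads tcpdump text output on stdin. Handles the older flag format shown on
# this page ("...: F 97:97(0) ack ...") and the newer one
# ("...: Flags [F.], seq ...").
# Live use (needs capture privileges):
#   tcpdump -l -i lo -s 1500 port 9000 | first_closer
first_closer() {
    awk '
    $2 == "IP" || $2 == "IP6" {
        src = $3
        dst = $5; sub(/:$/, "", dst)            # drop the trailing colon
        if ($6 == "Flags")                flags = $7   # newer: Flags [F.],
        else if ($6 ~ /^[SFPRUWE.]+$/)    flags = $6   # older: bare letters
        else next                                      # not a TCP line
        if (flags ~ /[FR]/) {
            kind = (flags ~ /R/) ? "RST" : "FIN"
            print kind, src, "->", dst, "at", $1
            found = 1
            exit
        }
    }
    END { if (!found) print "no FIN or RST seen" }
    '
}

# Four lines from the capture on this page: data, ACK, then both FINs.
sample_capture() {
    cat <<'EOF'
15:23:16.901214 IP localhost.localdomain.9000 > localhost.localdomain.50867: P 1:97(96) ack 1377 win 256 <nop,nop,timestamp 2296841391 2296841391>
15:23:16.901222 IP localhost.localdomain.50867 > localhost.localdomain.9000: . ack 97 win 256 <nop,nop,timestamp 2296841391 2296841391>
15:23:16.901236 IP localhost.localdomain.9000 > localhost.localdomain.50867: F 97:97(0) ack 1377 win 256 <nop,nop,timestamp 2296841391 2296841391>
15:23:16.901822 IP localhost.localdomain.50867 > localhost.localdomain.9000: F 1377:1377(0) ack 98 win 256 <nop,nop,timestamp 2296841392 2296841391>
EOF
}
```

Running `sample_capture | first_closer` names the port 9000 endpoint, matching the conclusion above. An RST is reported separately from a FIN because it indicates an abortive close rather than an orderly one.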