抓取指定IP和端口的http包 tcpdump -i eth1 'tcp port 10066 and (tcp[20:2]=0x4745 or tcp[20:2]=0x4854)' -XvvennSs 0