简介
Tcpdump是一个强大的网络抓包分析工具,那么如何在OpenHarmony里编译使用此工具就是我们这篇文章要分享的话题。
编译构建
-
下载:从http://www.tcpdump.org下载最新源码
下载地址:wget https://www.tcpdump.org/release/tcpdump-4.99.4.tar.gz -
安装编译环境
//编译工具链(32位) sudo apt-get install gcc-arm-linux-gnueabi //ohos的源码下载后,其实也有对应的工具链,位置如下 prebuilts/gcc/linux-x86/arm(32位)/gcc-linaro-7.5.0-arm-linux-gnueabi/bin -
编译
//设置环境变量 export CC=arm-linux-gnueabi-gcc export CFLAGS=-static export CPPFLAGS=-static export LDFLAGS=-static //配置 ./configure --host=arm-linux --disable-ipv6 //编译 make //strip arm-linux-gnueabi-strip tcpdump -
运行测试
//传到板子上 hdc_std.exe shell mount -o rw,remount / hdc_std.exe file send tcpdump /system/bin hdc_std.exe shell chmod +x /system/bin/tcpdump //运行测试 hdc_std.exe shell # tcpdump -w data/local/tmp/test.cap tcpdump: listening on wlan0, link-type EN10MB (Ethernet), snapshot length 262144 bytes 14 packets captured 14 packets received by filter 0 packets dropped by kernel
小结
-
配合netstat可以更好的使用tcpdump,附件是tcpdump编译好的二进制,发到rk上可用
# netstat --help usage: netstat [-pWrxwutneal] Display networking information. Default is netstat -tuwx -r Routing table -a All sockets (not just connected) -l Listening server sockets -t TCP sockets -u UDP sockets -w Raw sockets -x Unix sockets -e Extended info -n Don't resolve names -W Wide display -p Show PID/program name of sockets # tcpdump -help tcpdump version 4.99.1 libpcap version 1.10.1 (with TPACKET_V3) Usage: tcpdump [-AbdDefhHIJKlLnNOpqStuUvxX#] [ -B size ] [ -c count ] [--count] [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ] [ -i interface ] [ --immediate-mode ] [ -j tstamptype ] [ -M secret ] [ --number ] [ --print ] [ -Q in|out|inout ] [ -r file ] [ -s snaplen ] [ -T type ] [ --version ] [ -V file ] [ -w file ] [ -W filecount ] [ -y datalinktype ] [ --time-stamp-precision precision ] [ --micro ] [ --nano ] [ -z postrotate-command ] [ -Z user ] [ expression ]
234
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
