tcpdump
Wireshark/Ethereal
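#!/bin/bash
# Start a new tcpdump process and save the newly captured traffic in a new,
# date-named file under $logdir.
#
# Captures traffic to/from 192.168.1.2 on eth0, excluding ports 80, 25 and 110.
# -s 0 records full packets, so the capture file holds the complete payloads
# of everything that is not excluded.
# NOTE(review): confirm that the permissions on the output directory limit
# access to the people who actually need the captures.
logdir=/home/guest/
datestr=$(date +%F) || exit 1   # YYYY-MM-DD; used as the capture file name

# Options come before the filter expression: an option placed after it is only
# recognised where getopt permutes arguments. The filter is passed as a single
# quoted argument so the shell never interprets '!' or splits the expression.
tcpdump -s 0 -i eth0 \
  -w "${logdir}${datestr}" \
  'host 192.168.1.2 and ! port 80 and ! port 25 and ! port 110'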
tcpdump
Wireshark/Ethereal
#!/bin/bash