#apt-cache search tshark
#apt-cache show tshark
#apt-get install tshark
a.tshark抓包
1.监控服务器上的mysql查询操作
#tshark -i eth0 -n -f 'tcp dst port 3306' -R 'mysql.query' -T fields -e mysql.query
#tshark -i eth0 -n -f 'tcp port 80' -l -R 'http.host and http.request.uri' -l
b.tcpdump抓吧
1.
#tcpdump -i eth0 -nnA 'port 80' -w abc