shallow丿ove
查看网络状态netstat
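- netstat -lnp #查看监听端口;Local Address 为 0.0.0.0 或 ::: 表示监听所有地址,127.0.0.1 或 ::1 表示只监听本机
- netstat -an #查看系统的网络连接状况
- netstat -lntp #只显示tcp的监听端口,不包含udp和UNIX域套接字
- ss -an 与 netstat -an 作用类似
- netstat -an | awk '/^tcp/ {++sta[$NF]} END {for(key in sta) print key,"\t",sta[key]}' #按连接状态(最后一列)统计tcp连接数量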
[root@localhost ~]# netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2359/master
tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:56877 0.0.0.0:* LISTEN 2452/rpc.statd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 0.0.0.0:20048 0.0.0.0:* LISTEN 2454/rpc.mountd
tcp 0 0 0.0.0.0:49009 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1327/sshd
tcp6 0 0 ::1:25 :::* LISTEN 2359/master
tcp6 0 0 :::2049 :::* LISTEN -
tcp6 0 0 :::59304 :::* LISTEN -
tcp6 0 0 :::111 :::* LISTEN 1/systemd
tcp6 0 0 :::38128 :::* LISTEN 2452/rpc.statd
tcp6 0 0 :::20048 :::* LISTEN 2454/rpc.mountd
tcp6 0 0 :::22 :::* LISTEN 1327/sshd
udp 0 0 0.0.0.0:2049 0.0.0.0:* -
udp 0 0 0.0.0.0:39964 0.0.0.0:* 702/avahi-daemon: r
udp 0 0 0.0.0.0:111 0.0.0.0:* 2439/rpcbind
udp 0 0 0.0.0.0:5353 0.0.0.0:* 702/avahi-daemon: r
udp 0 0 0.0.0.0:44553 0.0.0.0:* 2452/rpc.statd
udp 0 0 0.0.0.0:20048 0.0.0.0:* 2454/rpc.mountd
udp 0 0 0.0.0.0:47979 0.0.0.0:* -
udp 0 0 0.0.0.0:918 0.0.0.0:* 2439/rpcbind
udp 0 0 127.0.0.1:932 0.0.0.0:* 2452/rpc.statd
udp6 0 0 :::2049 :::* -
udp6 0 0 :::111 :::* 2439/rpcbind
udp6 0 0 :::20048 :::* 2454/rpc.mountd
udp6 0 0 :::53952 :::* -
udp6 0 0 :::45920 :::* 2452/rpc.statd
udp6 0 0 :::918 :::* 2439/rpcbind
raw6 0 0 :::58 :::* 7 808/NetworkManager
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 15378 1/systemd /var/run/avahi-daemon/socket
unix 2 [ ACC ] STREAM LISTENING 7962 1/systemd /run/systemd/journal/stdout
unix 2 [ ACC ] STREAM LISTENING 15388 1/systemd /var/run/rpcbind.sock
unix 2 [ ACC ] STREAM LISTENING 21751 2359/master public/cleanup
unix 2 [ ACC ] STREAM LISTENING 21754 2359/master public/qmgr
unix 2 [ ACC ] STREAM LISTENING 21776 2359/master public/flush
unix 2 [ ACC ] STREAM LISTENING 21791 2359/master public/showq
unix 2 [ ACC ] STREAM LISTENING 15398 1/systemd /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 12844 1/systemd /run/systemd/private
unix 2 [ ACC ] STREAM LISTENING 21758 2359/master private/tlsmgr
unix 2 [ ACC ] STREAM LISTENING 21761 2359/master private/rewrite
unix 2 [ ACC ] STREAM LISTENING 21764 2359/master private/bounce
unix 2 [ ACC ] STREAM LISTENING 21767 2359/master private/defer
unix 2 [ ACC ] STREAM LISTENING 21770 2359/master private/trace
unix 2 [ ACC ] STREAM LISTENING 21773 2359/master private/verify
unix 2 [ ACC ] STREAM LISTENING 21779 2359/master private/proxymap
unix 2 [ ACC ] STREAM LISTENING 21782 2359/master private/proxywrite
unix 2 [ ACC ] STREAM LISTENING 21785 2359/master private/smtp
unix 2 [ ACC ] STREAM LISTENING 21788 2359/master private/relay
unix 2 [ ACC ] STREAM LISTENING 21794 2359/master private/error
unix 2 [ ACC ] STREAM LISTENING 21797 2359/master private/retry
unix 2 [ ACC ] STREAM LISTENING 21800 2359/master private/discard
unix 2 [ ACC ] STREAM LISTENING 21803 2359/master private/local
unix 2 [ ACC ] STREAM LISTENING 21806 2359/master private/virtual
unix 2 [ ACC ] STREAM LISTENING 21809 2359/master private/lmtp
unix 2 [ ACC ] STREAM LISTENING 21812 2359/master private/anvil
unix 2 [ ACC ] STREAM LISTENING 21815 2359/master private/scache
unix 2 [ ACC ] STREAM LISTENING 16216 808/NetworkManager /var/run/NetworkManager/private
unix 2 [ ACC ] STREAM LISTENING 17563 808/NetworkManager /var/run/NetworkManager/private-dhcp
unix 2 [ ACC ] STREAM LISTENING 21747 2359/master public/pickup
unix 2 [ ACC ] STREAM LISTENING 15573 719/gssproxy /var/lib/gssproxy/default.sock
unix 2 [ ACC ] STREAM LISTENING 15574 719/gssproxy /run/gssproxy.sock
unix 2 [ ACC ] STREAM LISTENING 13018 1/systemd /run/lvm/lvmpolld.socket
unix 2 [ ACC ] SEQPACKET LISTENING 11512 1/systemd /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 13052 1/systemd /run/lvm/lvmetad.socket
[root@localhost ~]# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:56877 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:20048 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:49009 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 192.168.9.134:22 192.168.9.1:7122 ESTABLISHED
tcp 0 52 192.168.9.134:22 192.168.9.1:2713 ESTABLISHED
tcp6 0 0 ::1:25 :::* LISTEN
tcp6 0 0 :::2049 :::* LISTEN
tcp6 0 0 :::59304 :::* LISTEN
tcp6 0 0 :::111 :::* LISTEN
tcp6 0 0 :::38128 :::* LISTEN
tcp6 0 0 :::20048 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
udp 0 0 0.0.0.0:2049 0.0.0.0:*
udp 0 0 0.0.0.0:39964 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 0.0.0.0:44553 0.0.0.0:*
udp 0 0 0.0.0.0:20048 0.0.0.0:*
udp 0 0 0.0.0.0:47979 0.0.0.0:*
udp 0 0 0.0.0.0:918 0.0.0.0:*
udp 0 0 127.0.0.1:932 0.0.0.0:*
udp6 0 0 :::2049 :::*
udp6 0 0 :::111 :::*
udp6 0 0 :::20048 :::*
udp6 0 0 :::53952 :::*
udp6 0 0 :::45920 :::*
udp6 0 0 :::918 :::*
raw6 0 0 :::58 :::* 7
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ] DGRAM 7948 /run/systemd/notify
unix 2 [ ] DGRAM 7950 /run/systemd/cgroups-agent
unix 2 [ ACC ] STREAM LISTENING 15378 /var/run/avahi-daemon/socket
unix 2 [ ACC ] STREAM LISTENING 7962 /run/systemd/journal/stdout
unix 2 [ ACC ] STREAM LISTENING 15388 /var/run/rpcbind.sock
unix 5 [ ] DGRAM 7965 /run/systemd/journal/socket
unix 16 [ ] DGRAM 7967 /dev/log
unix 2 [ ACC ] STREAM LISTENING 21751 public/cleanup
unix 2 [ ACC ] STREAM LISTENING 21754 public/qmgr
unix 2 [ ACC ] STREAM LISTENING 21776 public/flush
unix 2 [ ACC ] STREAM LISTENING 21791 public/showq
unix 2 [ ACC ] STREAM LISTENING 15398 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 12844 /run/systemd/private
unix 2 [ ACC ] STREAM LISTENING 21758 private/tlsmgr
unix 2 [ ACC ] STREAM LISTENING 21761 private/rewrite
unix 2 [ ACC ] STREAM LISTENING 21764 private/bounce
unix 2 [ ACC ] STREAM LISTENING 21767 private/defer
unix 2 [ ACC ] STREAM LISTENING 21770 private/trace
unix 2 [ ACC ] STREAM LISTENING 21773 private/verify
unix 2 [ ACC ] STREAM LISTENING 21779 private/proxymap
unix 2 [ ACC ] STREAM LISTENING 21782 private/proxywrite
unix 2 [ ACC ] STREAM LISTENING 21785 private/smtp
unix 2 [ ACC ] STREAM LISTENING 21788 private/relay
unix 2 [ ACC ] STREAM LISTENING 21794 private/error
unix 2 [ ACC ] STREAM LISTENING 21797 private/retry
unix 2 [ ACC ] STREAM LISTENING 21800 private/discard
unix 2 [ ACC ] STREAM LISTENING 21803 private/local
unix 2 [ ACC ] STREAM LISTENING 21806 private/virtual
unix 2 [ ACC ] STREAM LISTENING 21809 private/lmtp
unix 2 [ ACC ] STREAM LISTENING 21812 private/anvil
unix 2 [ ACC ] STREAM LISTENING 21815 private/scache
unix 2 [ ACC ] STREAM LISTENING 16216 /var/run/NetworkManager/private
unix 2 [ ACC ] STREAM LISTENING 17563 /var/run/NetworkManager/private-dhcp
unix 2 [ ACC ] STREAM LISTENING 21747 public/pickup
unix 2 [ ACC ] STREAM LISTENING 15573 /var/lib/gssproxy/default.sock
unix 2 [ ] DGRAM 13011 /run/systemd/shutdownd
unix 2 [ ACC ] STREAM LISTENING 15574 /run/gssproxy.sock
unix 2 [ ACC ] STREAM LISTENING 13018 /run/lvm/lvmpolld.socket
unix 2 [ ACC ] SEQPACKET LISTENING 11512 /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 13052 /run/lvm/lvmetad.socket
unix 3 [ ] STREAM CONNECTED 21795
unix 3 [ ] STREAM CONNECTED 21749
unix 2 [ ] DGRAM 21375
unix 3 [ ] STREAM CONNECTED 21814
unix 3 [ ] STREAM CONNECTED 15578
unix 3 [ ] STREAM CONNECTED 21768
unix 3 [ ] STREAM CONNECTED 16959
unix 3 [ ] STREAM CONNECTED 16483 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 21799
unix 3 [ ] STREAM CONNECTED 21789
unix 3 [ ] STREAM CONNECTED 21772
unix 3 [ ] STREAM CONNECTED 21752
unix 3 [ ] STREAM CONNECTED 16221
unix 3 [ ] STREAM CONNECTED 15565
unix 2 [ ] DGRAM 17547
unix 3 [ ] STREAM CONNECTED 16008 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 13434
unix 3 [ ] STREAM CONNECTED 16346 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 15561
unix 3 [ ] STREAM CONNECTED 21777
unix 3 [ ] STREAM CONNECTED 21760
unix 3 [ ] STREAM CONNECTED 16781
unix 3 [ ] STREAM CONNECTED 21807
unix 3 [ ] STREAM CONNECTED 21748
unix 3 [ ] STREAM CONNECTED 17441 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 15523 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 21781
unix 3 [ ] STREAM CONNECTED 16007
unix 3 [ ] STREAM CONNECTED 16752
unix 3 [ ] STREAM CONNECTED 22797
unix 3 [ ] STREAM CONNECTED 12003
unix 3 [ ] STREAM CONNECTED 21811
unix 3 [ ] STREAM CONNECTED 15586
unix 3 [ ] STREAM CONNECTED 21769
unix 3 [ ] STREAM CONNECTED 21756
unix 3 [ ] STREAM CONNECTED 21792
unix 3 [ ] STREAM CONNECTED 16218
unix 3 [ ] STREAM CONNECTED 21798
unix 3 [ ] STREAM CONNECTED 15560
unix 2 [ ] DGRAM 38716
unix 3 [ ] STREAM CONNECTED 16532 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 16482
unix 3 [ ] STREAM CONNECTED 15594 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 21780
unix 2 [ ] DGRAM 21832
unix 3 [ ] STREAM CONNECTED 21802
unix 3 [ ] STREAM CONNECTED 18325 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 15521
unix 3 [ ] STREAM CONNECTED 21755
unix 3 [ ] STREAM CONNECTED 16780
unix 2 [ ] DGRAM 16209
unix 3 [ ] DGRAM 13473
unix 3 [ ] STREAM CONNECTED 21784
unix 3 [ ] STREAM CONNECTED 21810
unix 3 [ ] STREAM CONNECTED 21765
unix 3 [ ] STREAM CONNECTED 21745
unix 3 [ ] STREAM CONNECTED 13446 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 17446 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 11961 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 21787
unix 3 [ ] STREAM CONNECTED 21793
unix 3 [ ] STREAM CONNECTED 16531
unix 3 [ ] STREAM CONNECTED 21816
unix 3 [ ] STREAM CONNECTED 21774
unix 3 [ ] STREAM CONNECTED 21753
unix 2 [ ] DGRAM 14275
unix 3 [ ] STREAM CONNECTED 17150 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 21801
unix 2 [ ] DGRAM 30598
unix 3 [ ] STREAM CONNECTED 16345
unix 3 [ ] STREAM CONNECTED 16581 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 22796
unix 3 [ ] STREAM CONNECTED 21762
unix 2 [ ] DGRAM 16778
unix 3 [ ] STREAM CONNECTED 16630 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 21805
unix 2 [ ] DGRAM 43765
unix 3 [ ] STREAM CONNECTED 21783
unix 3 [ ] STREAM CONNECTED 21766
unix 3 [ ] STREAM CONNECTED 15588 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 16729
unix 3 [ ] STREAM CONNECTED 21746
unix 3 [ ] STREAM CONNECTED 19003
unix 2 [ ] DGRAM 15726
unix 2 [ ] DGRAM 43637
unix 3 [ ] STREAM CONNECTED 21771
unix 3 [ ] STREAM CONNECTED 16960 /run/systemd/journal/stdout
unix 2 [ ] DGRAM 15550
unix 3 [ ] STREAM CONNECTED 21813
unix 3 [ ] STREAM CONNECTED 21796
unix 3 [ ] STREAM CONNECTED 21786
unix 3 [ ] STREAM CONNECTED 21775
unix 2 [ ] DGRAM 21720
unix 3 [ ] STREAM CONNECTED 15587
unix 2 [ ] STREAM CONNECTED 22848
unix 3 [ ] STREAM CONNECTED 21817
unix 3 [ ] STREAM CONNECTED 21790
unix 3 [ ] STREAM CONNECTED 21763
unix 2 [ ] DGRAM 17447
unix 3 [ ] STREAM CONNECTED 15591 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 21759
unix 3 [ ] STREAM CONNECTED 15910
unix 3 [ ] STREAM CONNECTED 15510
unix 2 [ ] DGRAM 22754
unix 3 [ ] STREAM CONNECTED 21804
unix 3 [ ] STREAM CONNECTED 21778
unix 2 [ ] DGRAM 16741
unix 3 [ ] STREAM CONNECTED 15580 /run/gssproxy.sock
unix 3 [ ] STREAM CONNECTED 16629
unix 2 [ ] DGRAM 12015
unix 3 [ ] STREAM CONNECTED 21808
unix 3 [ ] DGRAM 13472
tcp
[root@localhost ~]# netstat -ltnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2359/master
tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:56877 0.0.0.0:* LISTEN 2452/rpc.statd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 0.0.0.0:20048 0.0.0.0:* LISTEN 2454/rpc.mountd
tcp 0 0 0.0.0.0:49009 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1327/sshd
tcp6 0 0 ::1:25 :::* LISTEN 2359/master
tcp6 0 0 :::2049 :::* LISTEN -
tcp6 0 0 :::59304 :::* LISTEN -
tcp6 0 0 :::111 :::* LISTEN 1/systemd
tcp6 0 0 :::38128 :::* LISTEN 2452/rpc.statd
tcp6 0 0 :::20048 :::* LISTEN 2454/rpc.mountd
tcp6 0 0 :::22 :::* LISTEN 1327/sshd
tcp和udp
[root@localhost ~]# netstat -ltunp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2359/master
tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:56877 0.0.0.0:* LISTEN 2452/rpc.statd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 0.0.0.0:20048 0.0.0.0:* LISTEN 2454/rpc.mountd
tcp 0 0 0.0.0.0:49009 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1327/sshd
tcp6 0 0 ::1:25 :::* LISTEN 2359/master
tcp6 0 0 :::2049 :::* LISTEN -
tcp6 0 0 :::59304 :::* LISTEN -
tcp6 0 0 :::111 :::* LISTEN 1/systemd
tcp6 0 0 :::38128 :::* LISTEN 2452/rpc.statd
tcp6 0 0 :::20048 :::* LISTEN 2454/rpc.mountd
tcp6 0 0 :::22 :::* LISTEN 1327/sshd
udp 0 0 0.0.0.0:2049 0.0.0.0:* -
udp 0 0 0.0.0.0:39964 0.0.0.0:* 702/avahi-daemon: r
udp 0 0 0.0.0.0:111 0.0.0.0:* 2439/rpcbind
udp 0 0 0.0.0.0:5353 0.0.0.0:* 702/avahi-daemon: r
udp 0 0 0.0.0.0:44553 0.0.0.0:* 2452/rpc.statd
udp 0 0 0.0.0.0:20048 0.0.0.0:* 2454/rpc.mountd
udp 0 0 0.0.0.0:47979 0.0.0.0:* -
udp 0 0 0.0.0.0:918 0.0.0.0:* 2439/rpcbind
udp 0 0 127.0.0.1:932 0.0.0.0:* 2452/rpc.statd
udp6 0 0 :::2049 :::* -
udp6 0 0 :::111 :::* 2439/rpcbind
udp6 0 0 :::20048 :::* 2454/rpc.mountd
udp6 0 0 :::53952 :::* -
udp6 0 0 :::45920 :::* 2452/rpc.statd
udp6 0 0 :::918 :::* 2439/rpcbind
[root@localhost ~]# netstat -an | awk '/^tcp/ {++sta[$NF]} END {for(key in sta) print key,"\t",sta[key]}'
LISTEN 14
ESTABLISHED 2
[root@localhost ~]# ss -an
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
nl UNCONN 0 0 0:702 *
nl UNCONN 0 0 0:0 *
nl UNCONN 0 0 0:808 *
nl UNCONN 0 0 0:4195112 *
nl UNCONN 4352 0 4:4829 *
nl UNCONN 768 0 4:0 *
nl UNCONN 0 0 6:0 *
nl UNCONN 0 0 7:704 *
nl UNCONN 0 0 7:0 *
nl UNCONN 0 0 7:1 *
nl UNCONN 0 0 9:650 *
nl UNCONN 0 0 9:1 *
nl UNCONN 0 0 9:0 *
nl UNCONN 0 0 10:0 *
nl UNCONN 0 0 11:0 *
nl UNCONN 0 0 15:1657 *
nl UNCONN 0 0 15:1 *
nl UNCONN 0 0 15:699 *
nl UNCONN 0 0 15:0 *
nl UNCONN 0 0 15:537 *
nl UNCONN 0 0 15:-4125 *
nl UNCONN 0 0 15:-4123 *
nl UNCONN 0 0 15:808 *
nl UNCONN 0 0 15:-4122 *
nl UNCONN 0 0 15:1658 *
nl UNCONN 0 0 15:-4109 *
nl UNCONN 0 0 15:698 *
nl UNCONN 0 0 15:1732 *
nl UNCONN 0 0 15:-4124 *
nl UNCONN 0 0 15:-4121 *
nl UNCONN 0 0 16:0 *
nl UNCONN 0 0 18:0 *
u_dgr UNCONN 0 0 /run/systemd/notify 7948 * 0
u_dgr UNCONN 0 0 /run/systemd/cgroups-agent 7950 * 0
u_str LISTEN 0 128 /var/run/avahi-daemon/socket 15378 * 0
u_str LISTEN 0 128 /run/systemd/journal/stdout 7962 * 0
u_str LISTEN 0 128 /var/run/rpcbind.sock 15388 * 0
u_dgr UNCONN 0 0 /run/systemd/journal/socket 7965 * 0
u_dgr UNCONN 0 0 /dev/log 7967 * 0
u_str LISTEN 0 100 public/cleanup 21751 * 0
u_str LISTEN 0 100 public/qmgr 21754 * 0
u_str LISTEN 0 100 public/flush 21776 * 0
u_str LISTEN 0 100 public/showq 21791 * 0
u_str LISTEN 0 128 /var/run/dbus/system_bus_socket 15398 * 0
u_str LISTEN 0 128 /run/systemd/private 12844 * 0
u_str LISTEN 0 100 private/tlsmgr 21758 * 0
u_str LISTEN 0 100 private/rewrite 21761 * 0
u_str LISTEN 0 100 private/bounce 21764 * 0
u_str LISTEN 0 100 private/defer 21767 * 0
u_str LISTEN 0 100 private/trace 21770 * 0
u_str LISTEN 0 100 private/verify 21773 * 0
u_str LISTEN 0 100 private/proxymap 21779 * 0
u_str LISTEN 0 100 private/proxywrite 21782 * 0
u_str LISTEN 0 100 private/smtp 21785 * 0
u_str LISTEN 0 100 private/relay 21788 * 0
u_str LISTEN 0 100 private/error 21794 * 0
u_str LISTEN 0 100 private/retry 21797 * 0
u_str LISTEN 0 100 private/discard 21800 * 0
u_str LISTEN 0 100 private/local 21803 * 0
u_str LISTEN 0 100 private/virtual 21806 * 0
u_str LISTEN 0 100 private/lmtp 21809 * 0
u_str LISTEN 0 100 private/anvil 21812 * 0
u_str LISTEN 0 100 private/scache 21815 * 0
u_str LISTEN 0 30 /var/run/NetworkManager/private 16216 * 0
u_str LISTEN 0 30 /var/run/NetworkManager/private-dhcp 17563 * 0
u_str LISTEN 0 100 public/pickup 21747 * 0
u_str LISTEN 0 10 /var/lib/gssproxy/default.sock 15573 * 0
u_dgr UNCONN 0 0 /run/systemd/shutdownd 13011 * 0
u_str LISTEN 0 10 /run/gssproxy.sock 15574 * 0
u_str LISTEN 0 128 /run/lvm/lvmpolld.socket 13018 * 0
u_dgr LISTEN 0 128 /run/udev/control 11512 * 0
u_str LISTEN 0 128 /run/lvm/lvmetad.socket 13052 * 0
u_str ESTAB 0 0 * 21795 * 21796
u_str ESTAB 0 0 * 21749 * 21748
u_dgr UNCONN 0 0 * 21375 * 7967
u_str ESTAB 0 0 * 21814 * 21813
u_str ESTAB 0 0 * 15578 * 15580
u_str ESTAB 0 0 * 21768 * 21769
u_str ESTAB 0 0 * 16959 * 16960
u_str ESTAB 0 0 /run/systemd/journal/stdout 16483 * 16482
u_str ESTAB 0 0 * 21799 * 21798
u_str ESTAB 0 0 * 21789 * 21790
u_str ESTAB 0 0 * 21772 * 21771
u_str ESTAB 0 0 * 21752 * 21753
u_str ESTAB 0 0 * 16221 * 17446
u_str ESTAB 0 0 * 15565 * 15594
u_dgr UNCONN 0 0 * 17547 * 7967
u_str ESTAB 0 0 /run/systemd/journal/stdout 16008 * 16007
u_str ESTAB 0 0 * 13434 * 11961
u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 16346 * 16345
u_str ESTAB 0 0 * 15561 * 15560
u_str ESTAB 0 0 * 21777 * 21778
u_str ESTAB 0 0 * 21760 * 21759
u_str ESTAB 0 0 * 16781 * 16780
u_str ESTAB 0 0 * 21807 * 21808
u_str ESTAB 0 0 * 21748 * 21749
u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 17441 * 16218
u_str ESTAB 0 0 /run/systemd/journal/stdout 15523 * 16729
u_str ESTAB 0 0 * 21781 * 21780
u_str ESTAB 0 0 * 16007 * 16008
u_str ESTAB 0 0 * 16752 * 15591
u_str ESTAB 0 0 * 22797 * 22796
u_str ESTAB 0 0 * 12003 * 13446
u_str ESTAB 0 0 * 21811 * 21810
u_str ESTAB 0 0 * 15586 * 15587
u_str ESTAB 0 0 * 21769 * 21768
u_str ESTAB 0 0 * 21756 * 21755
u_str ESTAB 0 0 * 21792 * 21793
u_str ESTAB 0 0 * 16218 * 17441
u_str ESTAB 0 0 * 21798 * 21799
u_str ESTAB 0 0 * 15560 * 15561
u_dgr UNCONN 0 0 * 38716 * 7967
u_str ESTAB 0 0 /run/systemd/journal/stdout 16532 * 16531
u_str ESTAB 0 0 * 16482 * 16483
u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 15594 * 15565
u_str ESTAB 0 0 * 21780 * 21781
u_dgr UNCONN 0 0 * 21832 * 7967
u_str ESTAB 0 0 * 21802 * 21801
u_str ESTAB 0 0 /run/systemd/journal/stdout 18325 * 19003
u_str ESTAB 0 0 * 15521 * 15588
u_str ESTAB 0 0 * 21755 * 21756
u_str ESTAB 0 0 * 16780 * 16781
u_dgr UNCONN 0 0 * 16209 * 7967
u_dgr UNCONN 0 0 * 13473 * 13472
u_str ESTAB 0 0 * 21784 * 21783
u_str ESTAB 0 0 * 21810 * 21811
u_str ESTAB 0 0 * 21765 * 21766
u_str ESTAB 0 0 * 21745 * 21746
u_str ESTAB 0 0 /run/systemd/journal/stdout 13446 * 12003
u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 17446 * 16221
u_str ESTAB 0 0 /run/systemd/journal/stdout 11961 * 13434
u_str ESTAB 0 0 * 21787 * 21786
u_str ESTAB 0 0 * 21793 * 21792
u_str ESTAB 0 0 * 16531 * 16532
u_str ESTAB 0 0 * 21816 * 21817
u_str ESTAB 0 0 * 21774 * 21775
u_str ESTAB 0 0 * 21753 * 21752
u_dgr UNCONN 0 0 * 14275 * 7967
u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 17150 * 15910
u_str ESTAB 0 0 * 21801 * 21802
u_dgr UNCONN 0 0 * 30598 * 7965
u_str ESTAB 0 0 * 16345 * 16346
u_str ESTAB 0 0 /run/systemd/journal/stdout 16581 * 15510
u_str ESTAB 0 0 * 22796 * 22797
u_str ESTAB 0 0 * 21762 * 21763
u_dgr UNCONN 0 0 * 16778 * 7967
u_str ESTAB 0 0 /run/systemd/journal/stdout 16630 * 16629
u_str ESTAB 0 0 * 21805 * 21804
u_dgr UNCONN 0 0 * 43765 * 7967
u_str ESTAB 0 0 * 21783 * 21784
u_str ESTAB 0 0 * 21766 * 21765
u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 15588 * 15521
u_str ESTAB 0 0 * 16729 * 15523
u_str ESTAB 0 0 * 21746 * 21745
u_str ESTAB 0 0 * 19003 * 18325
u_dgr UNCONN 0 0 * 15726 * 7967
u_dgr UNCONN 0 0 * 43637 * 7967
u_str ESTAB 0 0 * 21771 * 21772
u_str ESTAB 0 0 /run/systemd/journal/stdout 16960 * 16959
u_dgr UNCONN 0 0 * 15550 * 7967
u_str ESTAB 0 0 * 21813 * 21814
u_str ESTAB 0 0 * 21796 * 21795
u_str ESTAB 0 0 * 21786 * 21787
u_str ESTAB 0 0 * 21775 * 21774
u_dgr UNCONN 0 0 * 21720 * 7967
u_str ESTAB 0 0 * 15587 * 15586
u_str ESTAB 0 0 * 22848 * 0
u_str ESTAB 0 0 * 21817 * 21816
u_str ESTAB 0 0 * 21790 * 21789
u_str ESTAB 0 0 * 21763 * 21762
u_dgr UNCONN 0 0 * 17447 * 7967
u_str ESTAB 0 0 /var/run/dbus/system_bus_socket 15591 * 16752
u_str ESTAB 0 0 * 21759 * 21760
u_str ESTAB 0 0 * 15910 * 17150
u_str ESTAB 0 0 * 15510 * 16581
u_dgr UNCONN 0 0 * 22754 * 7967
u_str ESTAB 0 0 * 21804 * 21805
u_str ESTAB 0 0 * 21778 * 21777
u_dgr UNCONN 0 0 * 16741 * 7965
u_str ESTAB 0 0 /run/gssproxy.sock 15580 * 15578
u_str ESTAB 0 0 * 16629 * 16630
u_dgr UNCONN 0 0 * 12015 * 7965
u_str ESTAB 0 0 * 21808 * 21807
u_dgr UNCONN 0 0 * 13472 * 13473
raw UNCONN 0 0 :::58 :::*
tcp UNCONN 0 0 *:2049 *:*
tcp UNCONN 0 0 *:39964 *:*
tcp UNCONN 0 0 *:111 *:*
tcp UNCONN 0 0 *:5353 *:*
tcp UNCONN 0 0 *:44553 *:*
tcp UNCONN 0 0 *:20048 *:*
tcp UNCONN 0 0 *:47979 *:*
tcp UNCONN 0 0 *:918 *:*
tcp UNCONN 0 0 127.0.0.1:932 *:*
tcp UNCONN 0 0 :::2049 :::*
tcp UNCONN 0 0 :::111 :::*
tcp UNCONN 0 0 :::20048 :::*
tcp UNCONN 0 0 :::53952 :::*
tcp UNCONN 0 0 :::45920 :::*
tcp UNCONN 0 0 :::918 :::*
tcp LISTEN 0 100 127.0.0.1:25 *:*
tcp LISTEN 0 64 *:2049 *:*
tcp LISTEN 0 128 *:56877 *:*
tcp LISTEN 0 128 *:111 *:*
tcp LISTEN 0 128 *:20048 *:*
tcp LISTEN 0 64 *:49009 *:*
tcp LISTEN 0 128 *:22 *:*
tcp ESTAB 0 0 192.168.9.134:22 192.168.9.1:7122
tcp ESTAB 0 2212 192.168.9.134:22 192.168.9.1:2713
tcp LISTEN 0 100 ::1:25 :::*
tcp LISTEN 0 64 :::2049 :::*
tcp LISTEN 0 64 :::59304 :::*
tcp LISTEN 0 128 :::111 :::*
tcp LISTEN 0 128 :::38128 :::*
tcp LISTEN 0 128 :::20048 :::*
tcp LISTEN 0 128 :::22 :::*
[root@localhost ~]# ss -an | grep -i listen
u_str LISTEN 0 128 /var/run/avahi-daemon/socket 15378 * 0
u_str LISTEN 0 128 /run/systemd/journal/stdout 7962 * 0
u_str LISTEN 0 128 /var/run/rpcbind.sock 15388 * 0
u_str LISTEN 0 100 public/cleanup 21751 * 0
u_str LISTEN 0 100 public/qmgr 21754 * 0
u_str LISTEN 0 100 public/flush 21776 * 0
u_str LISTEN 0 100 public/showq 21791 * 0
u_str LISTEN 0 128 /var/run/dbus/system_bus_socket 15398 * 0
u_str LISTEN 0 128 /run/systemd/private 12844 * 0
u_str LISTEN 0 100 private/tlsmgr 21758 * 0
u_str LISTEN 0 100 private/rewrite 21761 * 0
u_str LISTEN 0 100 private/bounce 21764 * 0
u_str LISTEN 0 100 private/defer 21767 * 0
u_str LISTEN 0 100 private/trace 21770 * 0
u_str LISTEN 0 100 private/verify 21773 * 0
u_str LISTEN 0 100 private/proxymap 21779 * 0
u_str LISTEN 0 100 private/proxywrite 21782 * 0
u_str LISTEN 0 100 private/smtp 21785 * 0
u_str LISTEN 0 100 private/relay 21788 * 0
u_str LISTEN 0 100 private/error 21794 * 0
u_str LISTEN 0 100 private/retry 21797 * 0
u_str LISTEN 0 100 private/discard 21800 * 0
u_str LISTEN 0 100 private/local 21803 * 0
u_str LISTEN 0 100 private/virtual 21806 * 0
u_str LISTEN 0 100 private/lmtp 21809 * 0
u_str LISTEN 0 100 private/anvil 21812 * 0
u_str LISTEN 0 100 private/scache 21815 * 0
u_str LISTEN 0 30 /var/run/NetworkManager/private 16216 * 0
u_str LISTEN 0 30 /var/run/NetworkManager/private-dhcp 17563 * 0
u_str LISTEN 0 100 public/pickup 21747 * 0
u_str LISTEN 0 10 /var/lib/gssproxy/default.sock 15573 * 0
u_str LISTEN 0 10 /run/gssproxy.sock 15574 * 0
u_str LISTEN 0 128 /run/lvm/lvmpolld.socket 13018 * 0
u_dgr LISTEN 0 128 /run/udev/control 11512 * 0
u_str LISTEN 0 128 /run/lvm/lvmetad.socket 13052 * 0
tcp LISTEN 0 100 127.0.0.1:25 *:*
tcp LISTEN 0 64 *:2049 *:*
tcp LISTEN 0 128 *:56877 *:*
tcp LISTEN 0 128 *:111 *:*
tcp LISTEN 0 128 *:20048 *:*
tcp LISTEN 0 64 *:49009 *:*
tcp LISTEN 0 128 *:22 *:*
tcp LISTEN 0 100 ::1:25 :::*
tcp LISTEN 0 64 :::2049 :::*
tcp LISTEN 0 64 :::59304 :::*
tcp LISTEN 0 128 :::111 :::*
tcp LISTEN 0 128 :::38128 :::*
tcp LISTEN 0 128 :::20048 :::*
tcp LISTEN 0 128 :::22 :::*
抓包工具tcpdump
- 用法:tcpdump -nn
- tcpdump -nn -i ens33
- tcpdump -nn port 80
- tcpdump -nn not port 22 and host 192.168.9.233
- tcpdump -nn -c 100 -w 1.cap
- tshark -n -t a -R http.request -T fields -e "frame.time" -e "ip.src" -e "http.host" -e "http.request.method" -e "http.request.uri" (注:较新版本的tshark中 -R 需要配合 -2 使用,实时抓包时的单次过滤应改用 -Y http.request)
- yum install -y wireshark
使用tcpdump抓包
[root@localhost ~]# yum install -y tcpdump
Loaded plugins: fastestmirror
base | 3.6 kB 00:00:00
epel/x86_64/metalink | 5.6 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/3): epel/x86_64/updateinfo | 852 kB 00:00:10
(2/3): updates/7/x86_64/primary_db | 3.6 MB 00:00:16
(3/3): epel/x86_64/primary_db | 6.1 MB 00:00:26
Loading mirror speeds from cached hostfile
* epel: mirrors.tongji.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package tcpdump.x86_64 14:4.9.0-5.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===================================================================================================
Package Arch Version Repository Size
===================================================================================================
Installing:
tcpdump x86_64 14:4.9.0-5.el7 base 415 k
Transaction Summary
===================================================================================================
Install 1 Package
Total download size: 415 k
Installed size: 1.0 M
Downloading packages:
tcpdump-4.9.0-5.el7.x86_64.rpm | 415 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 14:tcpdump-4.9.0-5.el7.x86_64 1/1
Verifying : 14:tcpdump-4.9.0-5.el7.x86_64 1/1
Installed:
tcpdump.x86_64 14:4.9.0-5.el7
Complete!
[root@localhost ~]# tcpdump -nn -i eno16777736
02:14:00.780945 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [.], ack 480216, win 2048, length 0
02:14:00.780994 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 480216:480604, ack 105, win 137, length 388
02:14:00.781067 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 480604:480784, ack 105, win 137, length 180
02:14:00.781134 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 480784:480964, ack 105, win 137, length 180
02:14:00.781137 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [P.], seq 105:157, ack 480216, win 2048, length 52
^Ctcpdump: Unable to write output: Interrupted system call
第一个n表示ip以数字形式显示出来,若不加则显示主机名;第二个n表示端口以数字形式显示,若不加则显示服务名(例如22显示为ssh)
[root@localhost ~]# tcpdump -nn -i eno16777736 port 22
02:22:54.007382 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 9122384:9122564, ack 1249, win 137, length 180
02:22:54.007444 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 9122564:9122744, ack 1249, win 137, length 180
02:22:54.007544 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 9122744:9122924, ack 1249, win 137, length 180
02:22:54.007575 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [.], ack 9122744, win 1986, length 0
02:22:54.007661 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [P.], seq 1249:1301, ack 9122744, win 1986, length 52
^C
55206 packets captured
55208 packets received by filter
0 packets dropped by kernel
[root@localhost ~]# tcpdump -nn -i eno16777736 not port 22
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eno16777736, link-type EN10MB (Ethernet), capture size 262144 bytes
02:23:47.530835 ARP, Request who-has 169.254.2.251 tell 192.168.9.1, length 46
02:23:48.030596 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:23:48.708894 ARP, Request who-has 169.254.2.251 tell 192.168.9.1, length 46
02:23:49.030701 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:23:49.530875 ARP, Request who-has 192.168.9.134 (00:0c:29:0a:e7:fc) tell 192.168.9.1, length 46
02:23:49.530975 ARP, Reply 192.168.9.134 is-at 00:0c:29:0a:e7:fc, length 28
02:23:49.531066 ARP, Request who-has 169.254.2.251 tell 192.168.9.1, length 46
^C
7 packets captured
7 packets received by filter
0 packets dropped by kernel
[root@localhost ~]# tcpdump -nn -i eno16777736 not port 22 and host 192.168.9.2
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eno16777736, link-type EN10MB (Ethernet), capture size 262144 bytes
02:25:14.530222 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:17.108219 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:18.029905 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:19.030495 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:20.109017 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:21.029736 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:22.029984 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:23.109644 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:24.029738 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:25.029943 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:26.109697 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:27.029894 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:25:28.029728 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
^C
13 packets captured
13 packets received by filter
0 packets dropped by kernel
[root@localhost ~]# tcpdump -nn -i eno16777736 -c 10
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eno16777736, link-type EN10MB (Ethernet), capture size 262144 bytes
02:26:56.087391 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 3908966921:3908967133, ack 3251203662, win 137, length 212
02:26:56.087570 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [.], ack 212, win 2051, length 0
02:26:56.087626 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 212:408, ack 1, win 137, length 196
02:26:56.087700 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 408:668, ack 1, win 137, length 260
02:26:56.087846 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [.], ack 668, win 2049, length 0
02:26:56.087901 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 668:832, ack 1, win 137, length 164
02:26:56.087958 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 832:1092, ack 1, win 137, length 260
02:26:56.088091 IP 192.168.9.1.2713 > 192.168.9.134.22: Flags [.], ack 1092, win 2048, length 0
02:26:56.088145 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 1092:1256, ack 1, win 137, length 164
02:26:56.088316 IP 192.168.9.134.22 > 192.168.9.1.2713: Flags [P.], seq 1256:1516, ack 1, win 137, length 260
10 packets captured
11 packets received by filter
0 packets dropped by kernel
[root@localhost ~]# tcpdump -nn -i eno16777736 -c 10 -w /tmp/1.cap
tcpdump: listening on eno16777736, link-type EN10MB (Ethernet), capture size 262144 bytes
10 packets captured
11 packets received by filter
0 packets dropped by kernel
[root@localhost ~]# file /tmp/1.cap
/tmp/1.cap: tcpdump capture file (little-endian) - version 2.4 (Ethernet, capture length 262144)
[root@localhost ~]# tcpdump -r /tmp/1.cap
reading from file /tmp/1.cap, link-type EN10MB (Ethernet)
02:27:40.488373 IP 192.168.9.134.ssh > 192.168.9.1.raventbs: Flags [P.], seq 3908970045:3908970193, ack 3251204718, win 137, length 148
02:27:40.488551 IP 192.168.9.1.raventbs > 192.168.9.134.ssh: Flags [.], ack 148, win 2052, length 0
02:27:41.112327 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:27:42.030242 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:27:43.030703 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:27:44.112381 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:27:45.029922 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:27:46.030193 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:27:47.112426 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
02:27:48.030202 ARP, Request who-has 192.168.9.2 tell 192.168.9.1, length 46
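-r为从文件读取,-w为写入文件。-w保存的是原始数据包(此处capture size为262144字节,基本是完整报文),明文协议的内容会原样留在文件里,因此抓包文件不宜长期放在/tmp这类公共目录,应限制访问权限并在分析后删除。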
使用wireshark(命令行工具tshark)抓包
[root@localhost ~]# yum install -y wireshark
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* epel: mirror01.idc.hinet.net
Resolving Dependencies
--> Running transaction check
---> Package wireshark.x86_64 0:1.10.14-14.el7 will be installed
--> Processing Dependency: libsmi.so.2()(64bit) for package: wireshark-1.10.14-14.el7.x86_64
--> Processing Dependency: libcares.so.2()(64bit) for package: wireshark-1.10.14-14.el7.x86_64
--> Running transaction check
---> Package c-ares.x86_64 0:1.10.0-3.el7 will be installed
---> Package libsmi.x86_64 0:0.4.8-13.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===================================================================================================
Package Arch Version Repository Size
===================================================================================================
Installing:
wireshark x86_64 1.10.14-14.el7 base 13 M
Installing for dependencies:
c-ares x86_64 1.10.0-3.el7 base 78 k
libsmi x86_64 0.4.8-13.el7 base 2.3 M
Transaction Summary
===================================================================================================
Install 1 Package (+2 Dependent packages)
Total download size: 15 M
Installed size: 83 M
Downloading packages:
(1/3): c-ares-1.10.0-3.el7.x86_64.rpm | 78 kB 00:00:01
(2/3): libsmi-0.4.8-13.el7.x86_64.rpm | 2.3 MB 00:00:05
(3/3): wireshark-1.10.14-14.el7.x86_64.rpm | 13 MB 00:00:29
---------------------------------------------------------------------------------------------------
Total 490 kB/s | 15 MB 00:00:31
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : c-ares-1.10.0-3.el7.x86_64 1/3
Installing : libsmi-0.4.8-13.el7.x86_64 2/3
Installing : wireshark-1.10.14-14.el7.x86_64 3/3
Verifying : libsmi-0.4.8-13.el7.x86_64 1/3
Verifying : wireshark-1.10.14-14.el7.x86_64 2/3
Verifying : c-ares-1.10.0-3.el7.x86_64 3/3
Installed:
wireshark.x86_64 0:1.10.14-14.el7
Dependency Installed:
c-ares.x86_64 0:1.10.0-3.el7 libsmi.x86_64 0:0.4.8-13.el7
Complete!
[root@localhost ~]# tshark -n -t a -R http.request -T fields -e "frame.time" -e "ip.src" -e "http.host" -e "http.request.method" -e "http.request.uri"