您可以使用tcpflow执行此操作.来自网站:
tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging. A program like ‘tcpdump’ shows a summary of packets seen on the wire, but usually doesn’t store the data that’s actually being transmitted. In contrast, tcpflow reconstructs the actual data streams and stores each flow in a separate file for later analysis.
它会以[ip].[port] – [ip].[port]格式将日志转储到当前工作目录.
# mkdir http_logs
# cd http_logs
# tcpflow dst port 80
此示例记录所有进入端口80的TCP数据包,并将它们保存在当前目录中以便于调试.您还可以使用pcap filters进一步过滤.
您可能还会发现-a开关很有用,它可以启用后期处理.例如,它将HTTP标头和主体放在单独的文件中.
扫一扫
158
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
