1. Capture only SYN packets
tcpdump -i eth1 'tcp[tcpflags] = tcp-syn'
2. Capture only ACK packets
tcpdump -nni xgbe1 dst host 191.168.100.199 and tcp and 'tcp[tcpflags] & (tcp-ack) != 0' and 'tcp[tcpflags] & (tcp-fin|tcp-syn|tcp-push|tcp-rst) == 0'
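The following is an added example, not part of the original post: it models the two filter expressions above over constructed TCP headers to show exactly which flag combinations each one matches. The function names and the sample headers are assumptions made for illustration.

```python
import struct

# Flag bits in byte 13 of the TCP header, which tcpdump exposes as tcp[tcpflags].
FIN, SYN, RST, PSH, ACK, URG, ECE, CWR = (1 << i for i in range(8))

def tcp_header(flags, sport=40000, dport=80, seq=1, ack=0):
    """Build a constructed 20-byte TCP header (no options) with the given flags."""
    data_offset = 5 << 4  # header length of 5 32-bit words
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                       data_offset, flags, 65535, 0, 0)

def tcpflags(header):
    """Same byte that tcp[tcpflags] reads (offset 13)."""
    return header[13]

def matches_syn_only(header):
    """Models: tcp[tcpflags] = tcp-syn (equality on the whole flag byte)."""
    return tcpflags(header) == SYN

def matches_ack_only(header):
    """Models: tcp[tcpflags] & (tcp-ack) != 0 and
    tcp[tcpflags] & (tcp-fin|tcp-syn|tcp-push|tcp-rst) == 0"""
    f = tcpflags(header)
    return (f & ACK) != 0 and (f & (FIN | SYN | PSH | RST)) == 0

# Constructed flag combinations, not captured traffic.
SAMPLES = {
    "SYN": SYN,
    "SYN+ACK": SYN | ACK,
    "SYN+ECE+CWR": SYN | ECE | CWR,  # ECN-setup SYN: missed by the equality test
    "ACK": ACK,
    "PSH+ACK": PSH | ACK,
    "FIN+ACK": FIN | ACK,
    "RST+ACK": RST | ACK,
    "ACK+URG": ACK | URG,            # URG is not in the exclusion mask
    "ACK+ECE": ACK | ECE,            # ECE is not in the exclusion mask
}

def classify():
    """Return {name: (syn_filter_match, ack_filter_match)} for every sample."""
    return {name: (matches_syn_only(tcp_header(f)), matches_ack_only(tcp_header(f)))
            for name, f in SAMPLES.items()}

if __name__ == "__main__":
    for name, (syn_hit, ack_hit) in classify().items():
        print(f"{name:12} syn-filter={syn_hit!s:5} ack-filter={ack_hit}")
```

The first filter compares the whole flag byte, so a SYN that also carries the ECE and CWR bits is not captured; the second filter only excludes FIN, SYN, PSH and RST, so ACK segments with URG or ECE set are still captured.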
Reposted from: https://www.cnblogs.com/lovemyspring/p/4036635.html