CentOS: listening to everything on the wire

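I know there is a native command on Linux that will output (to standard output) every "event" related to a certain network interface (regardless of whether it is eth0, etc.).
Just like there is tail -f <file> to listen for changes to a file.
I can't find it.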

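I want to see all events, incoming packets, even dropped packets. At the lowest level possible. In every protocol (TCP, UDP, etc.).
I think WireShark is a bit too big for this, because I need something very simple to look at the events; this is for testing.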

What is the command?

As others have mentioned, you are talking about tcpdump.

There is also ngrep:

    $ yum info ngrep
    Loaded plugins: fastestmirror, priorities
    Available Packages
    Name       : ngrep
    Arch       : i386
    Version    : 1.45
    Release    : 2.el5.rf
    Size       : 33 k
    Repo       : dag
    Summary    : Realtime network grep tool
    URL        : http://ngrep.sourceforge.net/
    License    : GPL
    Description: ngrep is grep command that works on realtime network data.
               :
               : ngrep strives to provide most of GNU grep's common features, applying
               : them to the network layer. ngrep is a pcap-aware tool that will allow
               : you to specify extended regular or hexadecimal expressions to match
               : against data payloads of packets. It currently recognizes TCP, UDP
               : and ICMP across Ethernet, PPP, SLIP, FDDI, Token Ring and null
               : interfaces, and understands bpf filter logic in the same fashion as
               : more common packet sniffing tools, such as tcpdump and snoop.

It is a bit like grep on a network stream. It is not a standard package, but it can help you find the network traffic you are looking for.

TCPDUMP ?

    [root@kerberos users]# tcpdump -i virbr0 port 22 -c 10
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on virbr0, link-type EN10MB (Ethernet), capture size 65535 bytes
    10 packets captured
    10 packets received by filter
    0 packets dropped by kernel
    18:15:00.629145 IP kerberos.example.com.ssh > 10.5.50.220.60680: Flags [P.], seq 723634149:723634341, ack 2691792940, win 145, options [nop,nop,TS val 2845703615 ecr 994376021], length 192
    18:15:00.646606 IP 10.5.50.220.60680 > kerberos.example.com.ssh: Flags [.], ack 0, win 65535, options [nop,nop,TS val 994376068 ecr 2845703587], length 0
    18:15:00.653646 IP 10.5.50.220.65416 > kerberos.example.com.ssh: Flags [.], ack 4059311404, win 33108, options [nop,nop,TS val 994376075 ecr 2845703594], length 0
    18:15:00.659078 IP 10.5.50.220.65416 > kerberos.example.com.ssh: Flags [P.], seq 0:96, ack 1, win 33156, options [nop,nop,TS val 994376075 ecr 2845703594], length 96
    18:15:00.660041 IP kerberos.example.com.ssh > 10.5.50.220.65416: Flags [P.], seq 1:129, ack 96, win 244, options [nop,nop,TS val 2845703645 ecr 994376075], length 128
    18:15:00.676094 IP 10.5.50.220.60680 > kerberos.example.com.ssh: Flags [.], ack 192, win 65535, options [nop,nop,TS val 994376096 ecr 2845703615], length 0
    18:15:00.706762 IP 10.5.50.220.65416 > kerberos.example.com.ssh: Flags [.], ack 129, win 33092, options [nop,nop,TS val 994376126 ecr 2845703645], length 0
    18:15:00.712138 IP 10.5.50.220.65416 > kerberos.example.com.ssh: Flags [P.], seq 96:192, ack 129, win 33156, options [nop,nop,TS val 994376126 ecr 2845703645], length 96
    18:15:00.713242 IP kerberos.example.com.ssh > 10.5.50.220.65416: Flags [P.], seq 129:257, ack 192, win 244, options [nop,nop,TS val 2845703699 ecr 994376126], length 128
    18:15:00.760791 IP 10.5.50.220.65416 > kerberos.example.com.ssh: Flags [.], ack 257, win 33092, options [nop,nop,TS val 994376179 ecr 2845703699], length 0

I think you might be looking for tcpdump.
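
An added example, not part of the original answers: a shell sketch that runs tcpdump as a line-buffered stream for one interface and condenses its default text output into per-flow packet and byte counts. The helper names `watch_iface` and `flow_summary` are hypothetical, and the sample lines are copied from the capture in the tcpdump answer above.

```shell
#!/bin/sh
# watch_iface and flow_summary are hypothetical helper names for this example.

# Live, tail -f style view of one interface (needs root to run).
#   -i  interface to listen on    -n  do not resolve names
#   -l  line-buffer stdout so each packet line reaches a pipe immediately
#   -c  stop after this many packets (default here: 100)
watch_iface() {
    tcpdump -l -n -i "$1" -c "${2:-100}"
}

# Read tcpdump's default text output on stdin and print, per "src > dst"
# pair: the pair, its packet count and the sum of the "length" values.
# Banner and statistics lines are skipped because field 2 is not IP/IP6.
flow_summary() {
    awk '($2 == "IP" || $2 == "IP6") && $4 == ">" {
        dst = $5
        sub(/:$/, "", dst)            # drop the colon that ends the destination
        key = $3 " > " dst
        pkts[key]++
        bytes[key] += $NF             # last field is the number after "length"
    }
    END {
        for (k in pkts) printf "%s %d %d\n", k, pkts[k], bytes[k]
    }' | LC_ALL=C sort
}

# Four packet lines copied from the capture in the answer above.
SAMPLE='listening on virbr0, link-type EN10MB (Ethernet), capture size 65535 bytes
18:15:00.629145 IP kerberos.example.com.ssh > 10.5.50.220.60680: Flags [P.], seq 723634149:723634341, ack 2691792940, win 145, options [nop,nop,TS val 2845703615 ecr 994376021], length 192
18:15:00.646606 IP 10.5.50.220.60680 > kerberos.example.com.ssh: Flags [.], ack 0, win 65535, options [nop,nop,TS val 994376068 ecr 2845703587], length 0
18:15:00.659078 IP 10.5.50.220.65416 > kerberos.example.com.ssh: Flags [P.], seq 0:96, ack 1, win 33156, options [nop,nop,TS val 994376075 ecr 2845703594], length 96
18:15:00.712138 IP 10.5.50.220.65416 > kerberos.example.com.ssh: Flags [P.], seq 96:192, ack 129, win 33156, options [nop,nop,TS val 994376126 ecr 2845703645], length 96'

# Typical live use: watch_iface eth0 100 | flow_summary
printf '%s\n' "$SAMPLE" | flow_summary
```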