一次关于tcpdump的使用心得

公司出现我们service 错误，我之前一直是用wireshark 比较多的。

但是linux 只有tcpdump，于是我就使用tcpdump

我们的user-service是8810，于是我输入

sudo tcpdump -vv -i eth1 src port 8810||dst port 8810 tcp

-i 是网卡

src port 是源端口

dst port 是目的端口

但是这时候没有数据于是我又加了-A

 sudo tcpdump -A -vv -i eth1 src port 8810||dst port 8810 tcp

出现了数据

12:40:09.764585 IP (tos 0x0, ttl 64, id 61424, offset 0, flags [DF], proto TCP (6), length 148)testvm-102.8810 > 192.168.255.101.52028: Flags [P.], cksum 0x80a4 (incorrect -> 0x5c44), seq 2707:2803, ack 647, win 294, options [nop,nop,TS val 181844277 ecr 2681762457], length 96
E.....@.@..U...f...e"j.<]$...r.g...&.........5..r....P........-f.W{"errno":0,"data":{"code":0,"data":{"username":"16621086246","uid":"10002614"}}}
12:40:09.786272 IP (tos 0x0, ttl 64, id 61425, offset 0, flags [DF], proto TCP (6), length 1344)testvm-102.8810 > 192.168.255.101.52028: Flags [P.], cksum 0x8550 (incorrect -> 0xeb49), seq 2803:4095, ack 790, win 302, options [nop,nop,TS val 181844282 ecr 2681762462], length 1292
E..@..@.@......f...e"j.<]$...r.......P.......:..r...............xW{"errno":0,"data":"{\"code\":1,\"uid\":\"10002614\",\"nick\":\"da\",\"avatar\":\"http:\\\/\\\/picture.eclicks.cn\\\/g2\\\/l\\\/2019\\\/02\\\/12\\\/4656bcaf2046f703_640_640.jpg\",\"reg_ip\":\"0\",\"reg_time\":\"1540366703\",\"reg_openid\":\"\",\"type\":\"2\",\"identity\":\"0\",\"admires\":\"0\",\"gold\":\"36295\",\"topics\":\"592\",\"posts\":\"211\",\"kernels\":\"32\",\"gods\":\"0\",\"favorites\":\"0\",\"imgs\":\"0\",\"forums\":\"8\",\"exp\":\"6825\",\"sex\":\"1\",\"sign\":\"\u6d4b\u8bd5\",\"phone\":\"16621086246\",\"last_topic_time\":\"1574330566\",\"unread_notifies\":\"4\",\"unread_reminds\":\"4\",\"unread_admire\":\"0\",\"cartype\":\"158\",\"cityid\":\"90\",\"driving_years\":\"2017\",\"wallpaper\":\"\",\"last_login_day\":\"1544716800\",\"admin_type\":\"1\",\"continue_login_days\":\"2\",\"change_carnum\":\"2\",\"app_source\":\"1\",\"last_login_app\":\"1\",\"following_total\":\"8\",\"follower_total\":\"56\",\"ignore_total\":\"0\",\"mtime\":\"1571037245\",\"birthday\":\"475473600\",\"disable_stranger_tip\":\"0\",\"level\":7,\"level_up_percent\":\"94%\",\"need_exp\":7000,\"user_identity\":{\"title\":\"\u5b98\u65b9\",\"type\":1,\"level\":1,\"pic\":\"http:\\\/\\\/picture.eclicks.cn\\\/g2\\\/l\\\/2019\\\/12\\\/06\\\/16648000e57451c1_210_53.png\"},\"data\":[]}"}
12:40:09.802541 IP (tos 0x0, ttl 64, id 61426, offset 0, flags [DF], proto TCP (6), length 1316)testvm-102.8810 > 192.168.255.101.52028: Flags [P.], cksum 0x8534 (incorrect -> 0x6798), seq 4095:5359, ack 951, win 310, options [nop,nop,TS val 181844286 ecr 2681762464], length 1264
E..$..@.@......f...e"j.<]$...r.....6.4.......>..r.................{"errno":0,"data":{"code":0,"data":{"uid":"10002614","nick":"da","avatar":"http:\/\/picture.eclicks.cn\/g2\/l\/2019\/02\/12\/4656bcaf2046f703_640_640.jpg","reg_time":"1540366703","type":"2","gold":"36295","topics":"592","posts":"211","kernels":"32","gods":"0","favorites":"0","admires":"0","imgs":"0","exp":"6825","sex":"1","sign":"\u6d4b\u8bd5","forums":"8","last_topic_time":"1574330566","wallpaper":"","driving_years":2,"cartype":"158","cityid":"90","admin_type":"1","change_carnum":"2","continue_login_days":"2","following_total":"8","follower_total":"56","last_login_day":"1544716800","birthday":"475473600","app_source":"1","unread_admire":"0","unread_reminds":"4","unread_notifies":"4","reg_openid":"","last_login_app":"1","user_identity":{"title":"\u5b98\u65b9","type":1,"level":1,"pic":"http:\/\/picture.eclicks.cn\/g2\/l\/2019\/12\/06\/16648000e57451c1_210_53.png"},"small_logo_h":"44","small_logo_w":"34","small_logo":"http:\/\/picture.eclicks.cn\/2014\/01\/17\/588263c808183139_34_44.png","car_name":"\u4fdd\u65f6\u6377 \u4fdd\u65f6\u6377911","vip":0,"vip_expire":"","big_player":1,"white_status":"1","user_title":[],"if_honorForumManager":0,"is_receive_wheel_children":"1","level":7,"need_exp":7000,"level_up_percent":"94%","auth":0}}}

一次关于tcpdump的使用心得相关推荐

转 Wireshark和TcpDump抓包分析心得
1. Wireshark与tcpdump介绍 Wireshark是一个网络协议检测工具,支持Windows平台和Unix平台,我一般只在Windows平台下使用Wireshark,如果是Linux的话 ...
Wireshark和 TcpDump抓包分析心得
1. Wireshark与tcpdump介绍 Wireshark是一个网络协议检测工具,支持Windows平台和Unix平台,我一般只在Windows平台下使用Wireshark,如果是Linux的话 ...
Wireshark和TcpDump抓包分析心得
为什么80%的码农都做不了架构师?>>> ‍ 1. Wireshark与tcpdump介绍 ?Wireshark是一个网络协议检测工具,支持Windows平台和Unix平台,我 ...
zzfrom水木-Linux环境学习和开发心得（作者：lunker）
转自水木lunker,非常好的文章,在此鸣谢之. 本人水平有限,如果有错误和遗漏,或者有更好的建议,请大家认真的拍. 强烈建议: 文中涉及的图书最好入手一个英文版的,如果实在阅读有困难,可以在电脑中准 ...
TCPDUMP/LIBPCAP 1-由零开始
简介 TCPDUMP是强大的网络包分析器,可以在线或离线抓包,设置过滤条件等操作. LIBPCAP是十分简洁易用的C/C++网络流量抓包库:实际上TCPDUMP就是基于LIBPCAP实现的一个应用程序 ...
[译] 关于 HTTP/3 的一些心得
原文地址:Some notes about HTTP/3 原文作者:Errata 译文出自:掘金翻译计划本文永久链接:github.com/xitu/gold-m- 译者:Starrier 校对者: ...
App 抓包利器：Charles 以及 App 爬虫心得
整理不易,欢迎关注公众号:AI悦创,如果你想快速入门点击此阅读: https://mp.weixin.qq.com/s/hxWpw5lydfRyqki45xly1Q 公众号:AI悦创 1. 前言介绍 ...
春招实习上岸，整理CVTE，华为，百度，头条，腾讯。分享心得及面经
春招战线拉到比较长,从二月底开始整理项目.制作简历,3月初开始投递第一家,接下来笔试.面试.总结.复习.等待--持续了差不多整整两个月,直到五一放假前才正式收到第一个心仪的offer.这期间学习获取了 ...
使用libpcap tcpdump wireshark抓包
作者 QQ群:852283276 微信:arm80x86 微信公众号:青儿创客基地 B站:主页 https://space.bilibili.com/208826118 参考 tcpdump & ...

一次关于tcpdump的使用心得

一次关于tcpdump的使用心得相关推荐

最新文章

热门文章