tcpdump抓取进入网卡的包,或者出网卡的包。
tcpdump分进出方向抓包。
可以使用如下filter
┬─[tong@T7:~/VM/t9]─[03:19:32 PM] ╰─>$ man pcap-filter |grep inbound -A 7 inbound Packet was received by the host performing the capture rather than being sent by that host. This is only supported for certain link-layer types,
such as SLIP and the ``cooked'' Linux capture mode used for the ``any'' device and for some other device types. outbound Packet was sent by the host performing the capture rather than being received by that host. This is only supported for certain link-layer types,
such as SLIP and the ``cooked'' Linux capture mode used for the ``any'' device and for some other device types.
例如:
┬─[tong@T7:~/VM/t9]─[03:22:00 PM] ╰─>$ sudo tcpdump -i wlan0 -nn -c 100 " inbound "