tcpdump抓取進入網卡的包,或者出網卡的包。
tcpdump分進出方向抓包。
可以使用如下filter
┬─[tong@T7:~/VM/t9]─[03:19:32 PM] ╰─>$ man pcap-filter |grep inbound -A 7 inbound Packet was received by the host performing the capture rather than being sent by that host. This is only supported for certain link-layer types,
such as SLIP and the ``cooked'' Linux capture mode used for the ``any'' device and for some other device types. outbound Packet was sent by the host performing the capture rather than being received by that host. This is only supported for certain link-layer types,
such as SLIP and the ``cooked'' Linux capture mode used for the ``any'' device and for some other device types.
例如:
┬─[tong@T7:~/VM/t9]─[03:22:00 PM] ╰─>$ sudo tcpdump -i wlan0 -nn -c 100 " inbound "