Packet capture
tcpdump
- Can take the network
- -i: interface, the network interface to listen on
[root@server5 ~]# tcpdump -i ens33
11:09:26.967399 IP server5.example.com.ssh > localhost.53420: Flags [P.], seq 3438092:3438272, ack 521, win 251, length 180
- -nn: show the source and destination hosts as IP addresses and port numbers
[root@server3 ~]# ping -c 5 192.168.109.138
PING 192.168.109.138 (192.168.109.138) 56(84) bytes of data.
64 bytes from 192.168.109.138: icmp_seq=1 ttl=64 time=1.50 ms
64 bytes from 192.168.109.138: icmp_seq=2 ttl=64 time=0.215 ms
64 bytes from 192.168.109.138: icmp_seq=3 ttl=64 time=0.584 ms
64 bytes from 192.168.109.138: icmp_seq=4 ttl=64 time=0.236 ms
64 bytes from 192.168.109.138: icmp_seq=5 ttl=64 time=0.226 ms
[root@server5 ~]# tcpdump -i ens33 -nn 'icmp'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 65535 bytes
11:13:52.860920 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 1, length 64
11:13:52.860972 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 1, length 64
11:13:53.862829 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 2, length 64
11:13:53.862874 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 2, length 64
11:13:54.864056 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 3, length 64
11:13:54.864115 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 3, length 64
11:13:55.864911 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 4, length 64
11:13:55.864961 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 4, length 64
11:13:56.865994 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 5, length 64
11:13:56.866044 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 5, length 64
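The capture above can be checked mechanically: the following added example (not part of the original article) parses `tcpdump -nn 'icmp'` output, pairs each echo request with its reply by address, id and seq, and reports the round-trip time and any request that got no reply. The names `pair_echoes` and `SAMPLE` are introduced here for illustration.

```python
import re
from datetime import datetime, timedelta

# One-line format printed by `tcpdump -nn 'icmp'` for echo traffic.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d{6}) IP (?P<src>[\d.]+) > (?P<dst>[\d.]+): "
    r"ICMP echo (?P<kind>request|reply), id (?P<id>\d+), seq (?P<seq>\d+), length \d+$"
)

def pair_echoes(lines):
    """Pair echo requests with replies.

    Returns (rtts, unanswered): rtts maps (src, dst, id, seq) of each answered
    request to its round-trip time in microseconds; unanswered lists the rest.
    """
    pending, rtts = {}, {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # banner lines and non-echo packets
        ts = datetime.strptime(m["ts"], "%H:%M:%S.%f")
        ident, seq = int(m["id"]), int(m["seq"])
        if m["kind"] == "request":
            pending[(m["src"], m["dst"], ident, seq)] = ts
            continue
        # A reply travels the other way, so swap src and dst to find its request.
        key = (m["dst"], m["src"], ident, seq)
        sent = pending.pop(key, None)
        if sent is not None:
            # No date is printed by default; the modulo covers a capture crossing midnight.
            rtts[key] = ((ts - sent) % timedelta(days=1)) // timedelta(microseconds=1)
    return rtts, sorted(pending)

# Lines copied from the capture above; the reply to seq 3 is left out on
# purpose (constructed) to show how an unanswered request is reported.
SAMPLE = """\
listening on ens33, link-type EN10MB (Ethernet), capture size 65535 bytes
11:13:52.860920 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 1, length 64
11:13:52.860972 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 1, length 64
11:13:53.862829 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 2, length 64
11:13:53.862874 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 2, length 64
11:13:54.864056 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 3, length 64
""".splitlines()

if __name__ == "__main__":
    rtts, unanswered = pair_echoes(SAMPLE)
    for key, us in rtts.items():
        print(f"seq {key[3]}: {us} us")
    for key in unanswered:
        print(f"no reply: {key[0]} -> {key[1]} id {key[2]} seq {key[3]}")
```

The round-trip times measured here are taken on the receiving host's interface, so they are much smaller than the times `ping` reports on the sender.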

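This article describes how to capture network packets with tcpdump, including common parameters such as the interface to listen on and displaying hosts and ports, and mentions Wireshark, a powerful packet capture tool. It then discusses network programming in Python, in particular the use of sockets, distinguishes connection-oriented from connectionless socket types, and lists three network programming examples: TCP communication on the local machine, TCP communication across different network segments, and local UDP communication.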