tcpdump

  • network command; program
  1. With tcpdump, you can also limit the amount of data to be traced.

  2. -s0 tells tcpdump that you want all data in every packet body.

  3. Tcpdump continues to capture packets until you hit Ctrl+C.

  4. The message packets between client and server can be traced using the tcpdump command in AIX.

  5. Net::TcpDumpLog parses the raw network data saved by tcpdump.

  6. One important difference with tcpdump is that, unlike iptrace, it can look at only one network interface at a time.

  7. The transaction between the client and server should be completed and then the tcpdump can be killed.

  8. You can also try the cross-platform tcpdump tool, which is supported on most UNIX and Linux operating systems.

  9. The tcpdump and tcpflow tools give you a huge number of options, including the ability to create complex filter expressions.

  10. Tcpdump is an essential tool for exploring low-level packet exchanges and verifying that your firewall is working correctly.

  11. For example, snoop and tcpdump both provide detailed information on different protocols under both UDP and TCP to varying levels.

  12. Tcpdump, for example, is not just a tool for diagnosing network problems, but is invaluable for understanding how the protocols work.

  13. There are a number of modules in different languages that provide functionality for reading and decoding the data captured by tcpdump and snoop.

  14. You used netstat and drilled down to the packet level using tracing tools, such as iptrace and tcpdump.

  15. You can monitor outgoing data sent from a particular adapter using tcpdump, which displays the content of each packet as it is sent.

  16. Instead of writing Snort rules or analyzing tcpdump output, use Argus and some command-line switches to provide a minimal list of network connections.

  17. Also, you do not need to use an ipreport type of command to format binary data, because tcpdump does the trace and the output.

  18. The -i lo option tells tcpdump what interface to listen on (the loopback device, in this case).

  19. If you want tcpdump to keep only a set number of bytes per packet, enter the number of bytes desired in place of zero here.

  20. The tcpdump command is much more feature rich than the simple examples shown here, so I recommend that you familiarize yourself with its man pages.

  21. Using this basic framework you can perform more complex lookups and decoding that do not rely on the automated solutions provided by tcpdump or snoop.

  22. As shown in this article, using tools like tcpdump, snoop or iptrace, you can extract a wide range of data at the command line.

  23. Another way to process the content from tcpdump is to save the raw network packet data to a file and then process the file to find and decode the information that you want.

  24. You can do this either by typing an expression (like those provided to tcpdump, snoop or iptrace) into the Filter box.

  25. In the UNIX world, useful tools are tcpdump, iftop, and bandwidth monitors such as wmnet.

  26. Although, as already mentioned, tools like tcpdump, iptrace and snoop provide basic network analysis and decoding, there are GUI-based tools that make the process even easier.

  27. Depending on the nature of the problem, it is sometimes good practice to run a tcpdump for a period of time while capturing packet information to a file using the -w switch.

  28. The main benefit of tcpdump is that you can specify filters so that you can select only particular protocols, sources, destinations, ports and other combinations.

  29. A newer tool called tcpflow complements tcpdump and provides a way to do protocol flow analysis and to properly reconstruct data streams, regardless of packet order or retransmissions.

  30. The tcpdump tool is an older tool that "sniffs" network packets from a network and either prints them to stdout or logs them to a file.